CVE-2025-6230

Medium CVSS: 4.8

A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.

Vendor

Lenovo

Product

Commercial Vantage

CWE

CWE-89

Yayın Tarihi

2025-07-17 20:15:31

Güncelleme

2025-08-19 16:32:52

Source Identifier

psirt@lenovo.com

KEV Date Added

Kategoriler

CWE-89 Commercial Vantage MEDIUM Lenovo 2025

Referanslar

https://support.lenovo.com/us/en/product_security/LEN-196648

Benzer Kayıtlar

Medium

CVE-2026-1716

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2026-1717

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Ba…

Medium

CVE-2026-1715

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read…

Medium

CVE-2025-13454

A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user t…

High

CVE-2025-13455

A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass T…