CVE-2026-1716
CVE-2026-1716
6.9
MediumPublished:
Last updated:
Source:psirt@lenovo.com
Analyzed
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Local
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- Low
- User Interaction
- None
- Confidentiality (Vulnerable)
- None
- Integrity (Vulnerable)
- High
- Availability (Vulnerable)
- High
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges.
References
psirt@lenovo.com
https://iknow.lenovo.com.cn/detail/438815psirt@lenovo.com
https://support.lenovo.com/us/en/product_security/LEN-213044