Lenovo Vulnerabilities

369 results
Vexday Analysis

With 369 cataloged CVEs, Lenovo's vulnerability portfolio shows an active-exploitation rate below the overall average of the KEV catalog, with no confirmed records of ongoing exploitation. The most frequent weakness type is CWE-20 (improper input validation), which suggests recurring attention to data sanitization in firmware and proprietary software components. The most dangerous CVE currently identified is CVE-2022-3699, with an EPSS score of 0.0428 (the highest value observed in the set), indicating a probability of exploitation that is still relatively low but sufficient to justify prioritization in corporate environments that depend on Lenovo hardware. The 13 vulnerabilities that emerged in the last 90 days and the presence of 4 critical flaws reinforce the need for regular firmware and driver update cycles.

CVE | Severity | Description | EPSS
CVE-2023-25493 | MEDIUM | A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products | 0.2%
CVE-2025-6232 | HIGH | An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute co | 0.2%
CVE-2025-6231 | HIGH | An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute co | 0.2%
CVE-2023-4030 | HIGH | A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to | 0.2%
CVE-2022-4575 | MEDIUM | A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models that could allow an attacker | 0.2%
CVE-2023-5912 | MEDIUM | A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privil | 0.2%
CVE-2023-25494 | MEDIUM | A potential vulnerability was reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attacke | 0.2%
CVE-2025-9319 | HIGH | A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions. | 0.2%
CVE-2025-2502 | HIGH | An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. | 0.2%
CVE-2022-3743 | MEDIUM | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevat | 0.2%
CVE-2022-3745 | MEDIUM | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevat | 0.2%
CVE-2024-4130 | HIGH | A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges. | 0.2%
CVE-2024-4089 | HIGH | A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges. | 0.2%
CVE-2024-4131 | HIGH | A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges. | 0.2%
CVE-2024-4132 | HIGH | A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges. | 0.2%
CVE-2026-7516 | MEDIUM | A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow | 0.2%
CVE-2023-6043 | HIGH | A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute | 0.2%
CVE-2024-3100 | MEDIUM | A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated priv | 0.2%
CVE-2025-0886 | HIGH | An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to esc | 0.2%
CVE-2024-12673 | HIGH | An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow | 0.2%