Vulnerability Description
A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Bootable Usb | < mar-2019 |
| Lenovo | Ideacentre | - |
| Lenovo | Thinkcentre | - |
| Lenovo | Thinkpad | - |
| Lenovo | Thinkstation | - |
Related Weaknesses (CWE)
References
- https://support.lenovo.com/solutions/LEN-25401PatchVendor Advisory
- https://support.lenovo.com/solutions/LEN-25401PatchVendor Advisory
FAQ
What is CVE-2019-6154?
CVE-2019-6154 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system.
How severe is CVE-2019-6154?
CVE-2019-6154 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6154?
Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Bootable Usb, Lenovo Ideacentre, Lenovo Thinkcentre, Lenovo Thinkpad, Lenovo Thinkstation.