Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-6231: CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in Lenovo Vantage

High
VulnerabilityCVE-2025-6231cvecve-2025-6231cwe-88
Published: Thu Jul 17 2025 (07/17/2025, 19:19:23 UTC)
Source: CVE Database V5
Vendor/Project: Lenovo
Product: Vantage

Description

An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute code with elevated permissions by modifying an application configuration file.

Technical Details

Data Version
5.1
Assigner Short Name
lenovo
Date Reserved
2025-06-18T13:04:05.813Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68794f7fa83201eaace863fa

Added to database: 7/17/2025, 7:31:11 PM

Last updated: 7/17/2025, 7:31:11 PM

Views: 1

Related Threats

CVE-2025-6249: CWE-602: Client-Side Enforcement of Server-Side Security in Lenovo FileZ Client

High
VulnerabilityThu Jul 17 2025

CVE-2025-6248: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Lenovo Browser

High
VulnerabilityThu Jul 17 2025

CVE-2025-6232: CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in Lenovo Vantage

High
VulnerabilityThu Jul 17 2025

CVE-2025-6230: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Lenovo Vantage

Medium
VulnerabilityThu Jul 17 2025

CVE-2025-4657: CWE-122: Heap-based Buffer Overflow in Lenovo PC Manager

High
VulnerabilityThu Jul 17 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats