Description
A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Lenovo / App Store0 – 9.0.20
- Lenovo / Browser0 – 9.0.5.12181
- Lenovo / PC Manager0 – 5.1.90.12092