What is GHSA-mgc9-7xh6-8mpm?

GHSA-mgc9-7xh6-8mpm is a security advisory published by GitHub Security Advisories with High severity. A vulnerability was reported in Lenovo System Update that could allow a local user with...

Which CVE IDs does GHSA-mgc9-7xh6-8mpm cover?

GHSA-mgc9-7xh6-8mpm covers the following CVE IDs: CVE-2022-0354. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-mgc9-7xh6-8mpm?

GHSA-mgc9-7xh6-8mpm has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-mgc9-7xh6-8mpmHighCVSS 7.8

A vulnerability was reported in Lenovo System Update that could allow a local user with...

Vendor

GitHub Security Advisories

Published

April 23, 2022

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2022-0354 →

📋 Description

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2022-0354
https://support.lenovo.com/us/en/product_security/LEN-76673
https://www.infosec.tirol/cve-2022-0354
https://github.com/advisories/GHSA-mgc9-7xh6-8mpm