CVE-2025-12046_CVE-2025-12046

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions.

AI Analysis

DLL hijacking vulnerability allowing local authenticated users to execute code with elevated privileges

Basic Information

ID CVE-2025-12046

Source lenovo

Published Dec 10, 2025 at 14:08

Affected Product

Vendor Lenovo

Product App Store

Affected Versions Lenovo App Store 0
Lenovo Browser 0

CWE Classification

CWE-427

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Lenovo

Product Lenovo App Store, Lenovo Browser

References

iknow.lenovo.com.cn /detail/435004

{
    "lastseen": "",
    "description": "A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain conditions.",
    "published": "2025-12-10T14:08:25.124Z",
    "modified": "2025-12-10T14:08:25.124Z",
    "type": "cve",
    "title": "CVE-2025-12046",
    "source": "lenovo",
    "references": "https://iknow.lenovo.com.cn/detail/435004",
    "id": "CVE-2025-12046",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Lenovo App Store 0\nLenovo Browser 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "App Store",
    "version": "0",
    "vendor": "Lenovo",
    "ai_description": "DLL hijacking vulnerability allowing local authenticated users to execute code with elevated privileges",
    "ai_severity": "High",
    "ai_vendor": "Lenovo",
    "ai_product": "Lenovo App Store, Lenovo Browser",
    "ai_version": "0",
    "ai_score": 8.5
}