CVE-2024-5474
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Oct 11, 2024
Updated: Nov 15, 2024
CWE ID 276
Summary
CVE-2024-5474 is a newly disclosed information disclosure vulnerability affecting Lenovo's Dolby Vision Provisioning software before version 2.0.0.2. During the installation process, a local attacker can potentially access system files with elevated privileges due to a flaw in Lenovo's packaging of the software. Importantly, this vulnerability only impacts the latest version of the software and does not affect previously installed editions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.