2 known vulnerabilities · sorted by CVSS score
An authenticated XCC user can change permissions for any user through a crafted API command.
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.