A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges.

Project Subscriptions

Vendors Products
App Store Subscribe
Advisories

No advisories yet.

Fixes

Solution

Update Lenovo Store Windows Application to version 9.0.2930.0514 or later.


Workaround

No workaround given by the vendor.

References
History

Thu, 16 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 16 Jul 2026 17:00:00 +0000

Type Values Removed Values Added
Description A potential vulnerability was reported in Lenovo App Store, distributed exclusively in the Chinese market, that could allow a local authenticated user to execute arbitrary code with elevated privileges.
First Time appeared Lenovo
Lenovo app Store
Weaknesses CWE-250
CPEs cpe:2.3:a:lenovo:app_store:*:*:*:*:*:*:*:*
Vendors & Products Lenovo
Lenovo app Store
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2026-07-16T17:38:29.523Z

Reserved: 2026-06-23T19:38:58.998Z

Link: CVE-2026-13104

cve-icon Vulnrichment

Updated: 2026-07-16T17:38:20.652Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-16T18:45:03Z

Weaknesses