{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1716", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2026-01-30T19:00:48.303Z", "datePublished": "2026-03-11T20:22:37.168Z", "dateUpdated": "2026-03-12T16:18:30.536Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "DeviceSettingsSystemAddin", "product": "Vantage", "vendor": "Lenovo", "versions": [{"lessThan": "1.0.8.15", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "packageName": "DeviceSettingsSystemAddin", "product": "Baiying", "vendor": "Lenovo", "versions": [{"lessThan": "1.0.8.15", "status": "affected", "version": "0", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:vantage:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.8.15", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:baiying:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.8.15", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Manuel Kiesel (cyllective AG) for reporting these issues."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges."}], "value": "An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-88", "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2026-03-11T20:22:37.168Z"}, "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-213044"}, {"url": "https://iknow.lenovo.com.cn/detail/438815"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Update Vantage DeviceSettingsSystemAddin to version 1.0.8.15 or later.</p><p>DeviceSettingsSystemAddin is automatically updated by Lenovo Vantage and Baiying.</p>"}], "value": "Update Vantage DeviceSettingsSystemAddin to version 1.0.8.15 or later.\n\nDeviceSettingsSystemAddin is automatically updated by Lenovo Vantage and Baiying."}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0-beta"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T15:35:48.324036Z", "id": "CVE-2026-1716", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T16:18:30.536Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1716", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-12T15:35:48.324036Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T15:35:49.067Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Manuel Kiesel (cyllective AG) for reporting these issues."}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Lenovo", "product": "Vantage", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.8.15", "versionType": "custom"}], "packageName": "DeviceSettingsSystemAddin", "defaultStatus": "unaffected"}, {"vendor": "Lenovo", "product": "Baiying", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.8.15", "versionType": "custom"}], "packageName": "DeviceSettingsSystemAddin", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update Vantage DeviceSettingsSystemAddin to version 1.0.8.15 or later.\n\nDeviceSettingsSystemAddin is automatically updated by Lenovo Vantage and Baiying.", "supportingMedia": [{"type": "text/html", "value": "<p>Update Vantage DeviceSettingsSystemAddin to version 1.0.8.15 or later.</p><p>DeviceSettingsSystemAddin is automatically updated by Lenovo Vantage and Baiying.</p>", "base64": false}]}], "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-213044"}, {"url": "https://iknow.lenovo.com.cn/detail/438815"}], "x_generator": {"engine": "Vulnogram 1.0.0-beta"}, "descriptions": [{"lang": "en", "value": "An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges.", "supportingMedia": [{"type": "text/html", "value": "An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-88", "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:vantage:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "1.0.8.15", "versionStartIncluding": "0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:baiying:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "1.0.8.15", "versionStartIncluding": "0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2026-03-11T20:22:37.168Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1716", "state": "PUBLISHED", "dateUpdated": "2026-03-12T16:18:30.536Z", "dateReserved": "2026-01-30T19:00:48.303Z", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "datePublished": "2026-03-11T20:22:37.168Z", "assignerShortName": "lenovo"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges."}], "id": "CVE-2026-1716", "lastModified": "2026-03-12T21:08:22.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "psirt@lenovo.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@lenovo.com", "type": "Secondary"}]}, "published": "2026-03-11T21:16:15.017", "references": [{"source": "psirt@lenovo.com", "url": "https://iknow.lenovo.com.cn/detail/438815"}, {"source": "psirt@lenovo.com", "url": "https://support.lenovo.com/us/en/product_security/LEN-213044"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-88"}], "source": "psirt@lenovo.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.8.15)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Baiying", "source": "cna", "vendor": "Lenovo"}, "product": "baiying", "vendor": "lenovo"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.8.15)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Vantage", "source": "cna", "vendor": "Lenovo"}, "product": "vantage", "vendor": "lenovo"}], "analysis": {"en": {"generated_at": "2026-03-17T14:53:36.616896+00:00", "value": {"mitigation_remediation": ["Apply the Lenovo Vantage and Baiying update to DeviceSettingsSystemAddin version 1.0.8.15 or later.", "Confirm that the update has been applied to the DeviceSettingsSystemAddin component.", "Monitor the system for anomalous registry changes and review logs for unauthorized access attempts."], "summary": {"action": "Patch Now", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Lenovo Vantage and Lenovo Baiying products that utilize the DeviceSettingsSystemAddin module. Specific version details are not listed, but the known fix applies to all releases prior to DeviceSettingsSystemAddin version 1.0.8.15. Therefore, any deployments running older versions of the add\u2011in are potentially compromised.", "description_and_impact": "An input validation vulnerability was discovered in the DeviceSettingsSystemAddin component used by Lenovo Vantage and Lenovo Baiying. The flaw allows a local authenticated user to delete arbitrary registry keys with elevated privileges, which can result in privilege escalation or system disruption as malicious manipulation of registry entries can alter software behavior or cause denial of service. The weakness corresponds to CWE-88 (Incorrect Preservation of Object References).", "risk_and_exploitability": "The CVSS base score of 6.9 indicates medium to high severity, while the EPSS score of less than 1% suggests low current likelihood of exploitation. The flaw is limited to locally authenticated users and does not require remote access, and it is not listed in the CISA KEV catalog. Attackers would need local machine access to trigger the deletion of critical registry keys, posing a risk primarily to systems with privileged local users. Nevertheless, the potential for significant impact warrants prompt remediation."}}}}, "created": "2026-03-12T09:56:04.717709+00:00", "title": "Local Privilege Escalation via Input Validation in Lenovo Vantage & Baiying DeviceSettingsSystemAddin", "updated": "2026-03-20T15:37:11.751817+00:00", "vendors": ["lenovo", "lenovo$PRODUCT$baiying", "lenovo$PRODUCT$vantage"]}