Lenovo ≫ Installation Package

A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges.

A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation.