No analysis available yet.
Vendor Solution
Update Lenovo Smart Connect for Windows to version 09.0.2.003.000 or later. Smart Connect will prompt the user to download latest version when launched.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 16 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system. | |
| First Time appeared |
Lenovo
Lenovo smart Connect |
|
| Weaknesses | CWE-306 | |
| CPEs | cpe:2.3:a:lenovo:smart_connect:*:*:windows:*:*:*:*:* | |
| Vendors & Products |
Lenovo
Lenovo smart Connect |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2026-07-16T17:59:36.981Z
Reserved: 2026-04-17T13:03:29.141Z
Link: CVE-2026-6511
Updated: 2026-07-16T17:59:33.173Z
No data.
No data.
OpenCVE Enrichment
No data.
-
CWE-306
Missing Authentication for Critical Function