Medium
CVSS 5.3
Overview
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.
CVE-2025-6230
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a ...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 5.3 (MEDIUM)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.