Lenovo Diagnostics
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Lenovo Diagnostics.
By the Year
In 2026 there have been 1 vulnerability in Lenovo Diagnostics with an average score of 7.1 out of ten. Diagnostics did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.10 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 5.53 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.80 |
It may take a day or so for new Diagnostics vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Lenovo Diagnostics Security Vulnerabilities
Lenovo Diagnostics HWScanAddin Arbitrary File Write via Local Auth
CVE-2026-0827
7.1 - High
- April 15, 2026
During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write with elevated privileges.
insecure temporary file
Lenovo HardwareScanPlugin PrivEsc before v1.3.1.2 (Lenovo Diagnostics <4.45)
CVE-2022-3699
7.8 - High
- October 25, 2023
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges.
Memory Corruption
DoS in Lenovo HardwareScanPlugin <1.3.1.2 & Lenovo Diagnostics <4.45
CVE-2022-3698
4.4 - Medium
- October 25, 2023
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.
Lenovo HardwareScanPlugin & Diagnostics DoS <1.3.1.2/4.45
CVE-2022-0353
4.4 - Medium
- October 25, 2023
A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to 1.3.1.2 and Lenovo Diagnostics versions prior to 4.45 that could allow a local user with administrative access to trigger a system crash.
A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4
CVE-2020-8338
7.8 - High
- October 14, 2020
A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.
Untrusted Path
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Lenovo Diagnostics or by Lenovo? Click the Watch button to subscribe.
