{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T07:26:23.343","vulnerabilities":[{"cve":{"id":"CVE-2024-23594","sourceIdentifier":"psirt@lenovo.com","published":"2024-04-15T18:15:10.530","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"\nA buffer overflow vulnerability was reported\n\nin a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014\n\n\n that could allow a privileged attacker with local access to execute arbitrary code. \n\n"},{"lang":"es","value":"Se informó una vulnerabilidad de desbordamiento de búfer en un gestor de arranque de recuperación del sistema que formaba parte de los sistemas operativos Windows 7 y 8 precargados de Lenovo de 2012 a 2014 y que podría permitir que un atacante privilegiado con acceso local ejecutara código arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"psirt@lenovo.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@lenovo.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://support.lenovo.com/us/en/product_security/LEN-132277","source":"psirt@lenovo.com"},{"url":"https://support.lenovo.com/us/en/product_security/LEN-132277","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}