{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/lenovo-app-store/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-13103"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Lenovo App Store"],"_cs_severities":["high"],"_cs_tags":["vulnerability","path-traversal","rce","lenovo"],"_cs_type":"advisory","_cs_vendors":["Lenovo"],"content_html":"\u003cp\u003eA significant path traversal vulnerability (CVE-2026-13103) has been reported in the Lenovo App Store, an application distributed exclusively in the Chinese market. This flaw, categorized as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), allows a local authenticated user to execute arbitrary code. The vulnerability affects versions of the Lenovo App Store prior to 9.0.2930.0514 running on Windows operating systems. Successful exploitation could lead to an attacker running malicious code with the privileges of the authenticated user, potentially facilitating further compromise, data manipulation, or system instability. The vulnerability has a CVSS v3.1 base score of 7.3 (High) and requires user interaction for exploitation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eA local, authenticated user gains access to a Windows system with the vulnerable Lenovo App Store installed.\u003c/li\u003e\n\u003cli\u003eThe user identifies the path traversal vulnerability within specific functionalities of the Lenovo App Store.\u003c/li\u003e\n\u003cli\u003eThe user crafts malicious input containing directory traversal sequences (e.g., \u003ccode\u003e../\u003c/code\u003e, \u003ccode\u003e..\\\u003c/code\u003e) intended for a file path or similar parameter within the application.\u003c/li\u003e\n\u003cli\u003eThe Lenovo App Store processes this malformed input, failing to properly sanitize or validate the path.\u003c/li\u003e\n\u003cli\u003eThis allows the attacker to write or modify files outside of the intended, restricted directories, potentially into critical system locations or user-controlled execution paths.\u003c/li\u003e\n\u003cli\u003eThe attacker places a malicious executable or script in a location from which it will be executed (e.g., a startup folder, an overwritten legitimate application binary, or a user-invoked path).\u003c/li\u003e\n\u003cli\u003eUpon subsequent user interaction with the application or system, the malicious code is executed.\u003c/li\u003e\n\u003cli\u003eArbitrary code execution is achieved under the context of the local authenticated user.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-13103 can lead to arbitrary code execution within the context of the local authenticated user on affected Windows systems. This could allow an attacker to install additional malicious software, modify system configurations, access or exfiltrate sensitive data, or establish persistence. While this vulnerability requires prior local authentication and user interaction, it significantly escalates the potential for damage once an attacker has established a foothold on a system. The impact is primarily confined to users of the Lenovo App Store in the Chinese market.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update the Lenovo App Store to version 9.0.2930.0514 or later to patch CVE-2026-13103.\u003c/li\u003e\n\u003cli\u003eRegularly review and enforce principle of least privilege for all local user accounts to minimize the potential impact of successful local exploits.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-16T17:19:04Z","date_published":"2026-07-16T17:19:04Z","id":"https://feed.craftedsignal.io/briefs/2026-07-lenovo-app-store-pathtraversal/","summary":"A critical path traversal vulnerability, identified as CVE-2026-13103, exists in the Lenovo App Store, enabling a local authenticated user to achieve arbitrary code execution on affected Windows systems within the Chinese market.","title":"Lenovo App Store Path Traversal Vulnerability (CVE-2026-13103) Leading to Arbitrary Code Execution","url":"https://feed.craftedsignal.io/briefs/2026-07-lenovo-app-store-pathtraversal/"}],"language":"en","title":"CraftedSignal Threat Feed - Lenovo App Store","version":"https://jsonfeed.org/version/1.1"}