Vendor
Lenovo LegionSpace 1.7.11.2 Unquoted Service Path Vulnerability
2 rules 1 TTPA local exploit has been published for Lenovo LegionSpace 1.7.11.2, detailing an Unquoted Service Path vulnerability in the 'DAService', potentially leading to local privilege escalation.
CVE-2026-5804 - Motorola Factory Test Improper Authentication Vulnerability
2 rules 1 TTP 1 CVEThe Motorola Factory Test component (com.motorola.motocit) contains an improper authentication vulnerability, allowing a local attacker to bypass permission checks and access protected device settings by leveraging a writable file descriptor in external storage to open a TCP server.
Lenovo Personal Cloud Storage Improper File Path Validation Vulnerability (CVE-2026-6282)
2 rules 1 TTP 1 CVECVE-2026-6282 describes a potential improper file path validation vulnerability in Lenovo Personal Cloud Storage devices, allowing a remote authenticated user to move or access files belonging to other users.
CVE-2026-6281: Lenovo Personal Cloud Storage Remote Command Execution
2 rules 1 TTP 1 CVECVE-2026-6281 describes a vulnerability in Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device.
Suspicious PowerShell Engine ImageLoad
2 rules 1 TTPThis rule identifies instances where the PowerShell engine is loaded by processes other than powershell.exe, potentially indicating attackers attempting to use PowerShell functionality stealthily by using the underlying System.Management.Automation namespace and bypassing PowerShell security features.
Startup or Run Key Registry Modification
3 rules 2 TTPsAttackers modify registry run keys or startup keys to achieve persistence by referencing a program that executes when a user logs in or the system boots.