Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update Lenovo Legion Zone to version 2.0.26 or later.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://iknow.lenovo.com.cn/detail/441420 |
|
Thu, 16 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A potential insecure permissions vulnerability was reported in Legion Zone and the Lenovo App Store Windows applications, distributed exclusively in the Chinese market, that when installed on a non‑system partition, could allow a local user to execute arbitrary code. | |
| First Time appeared |
Lenovo
Lenovo app Store Lenovo legion Zone |
|
| Weaknesses | CWE-277 | |
| CPEs | cpe:2.3:a:lenovo:app_store:*:*:windows:*:*:*:*:* cpe:2.3:a:lenovo:legion_zone:*:*:windows:*:*:*:*:* |
|
| Vendors & Products |
Lenovo
Lenovo app Store Lenovo legion Zone |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2026-07-16T17:51:28.237Z
Reserved: 2026-05-19T19:01:33.092Z
Link: CVE-2026-9046
Updated: 2026-07-16T17:51:24.803Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-16T19:00:04Z