CVE-2022-3699 PoC — Lenovo Diagnostics 缓冲区错误漏洞

Source

https://github.com/estimated1337/lenovo_exec

Associated Vulnerability

Title:Lenovo Diagnostics 缓冲区错误漏洞 (CVE-2022-3699)
Description: A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges.

Description

CVE-2022-3699 with arbitrary kernel code execution capability

Readme

# lenovo_exec
CVE-2022-3699 with arbitrary kernel code execution capability

original exploit: https://github.com/alfarom256/CVE-2022-3699

File Snapshot


 [4.0K]  /data/pocs/9bcceb2bf586ec2048536a259214fe4781f2f9f9
├── [ 40K]  ldiagd.sys
├── [4.0K]  lenovo_exec
│   ├── [8.8K]  EzPdb.cpp
│   ├── [1.4K]  EzPdb.h
│   ├── [7.4K]  lenovo_exec.vcxproj
│   ├── [ 474]  lenovo_exec.vcxproj.filters
│   ├── [ 220]  lenovo_exec.vcxproj.user
│   ├── [ 14K]  LenovoMemoryMgr.cpp
│   ├── [4.4K]  LenovoMemoryMgr.h
│   ├── [ 470]  main.cpp
│   ├── [4.2K]  md5.cpp
│   └── [ 186]  md5.h
├── [1.4K]  lenovo_exec.sln
└── [ 139]  README.md

1 directory, 13 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!