CVE-2026-6090: High severity Lenovo Lenovo Smart Connect for Windows vulnerability
Published Jun 10, 2026
·Updated
A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges.
Affected Software
1 affected component
Lenovo Lenovo Smart Connect for Windows
Remediation
Information
Update Lenovo Smart Connect for Windows to version 09.0.2.003.000 or later.
Smart Connect will prompt the user to download latest version when launched.
Event History
Jun 10, 2026
CVE Published
via MITRE·02:09 PM
Data Sourced
via MITRE·02:09 PM
RemedyDescriptionSeverityWeakness
Data Sourced
via NVD·03:16 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2026-6090?
CVE-2026-6090 has a severity rating of high, with a score of 7.
2
How do I fix CVE-2026-6090?
To fix CVE-2026-6090, update Lenovo Smart Connect for Windows to version 09.0.2.003.000 or later.
3
What type of vulnerability is CVE-2026-6090?
CVE-2026-6090 is a potential authentication bypass vulnerability that could allow local authenticated users to execute arbitrary code.
4
Who is affected by CVE-2026-6090?
CVE-2026-6090 affects users of Lenovo Smart Connect for Windows.
5
When was CVE-2026-6090 published?
CVE-2026-6090 was published on June 10, 2026.