Lucene search

LenovoCVELIST:CVE-2021-3462

HistoryApr 13, 2021 - 8:41 p.m.

CVE-2021-3462

2021-04-1320:41:44

CWE-276

lenovo

www.cve.org

lenovo

power management

windows 10

vulnerability

privilege escalation

driver

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver’s device object.

CNA Affected

[
  {
    "product": "Power Management Driver for Windows 10",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThan": "1.67.17.54",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-59174

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-3462