Lenovo Energy Management Driver for Windows 10 Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-27682

Potential Impact: Denial of service

Severity: Medium

Scope of Impact: Lenovo-specific

CVE Identifier: CVE-2019-6183

Summary Description:

A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. Lenovo Energy Management is a client utility. Lenovo XClarity Energy Manager is not affected.

Mitigation Strategy for Customers (what you should do to protect yourself):

Upgrade to the Lenovo Energy Management Driver for Windows 10 version 15.11.29.7 (or newer) .

Acknowledgement:

Lenovo would like to thank Cesar Cerrudo of IOACtive for reporting this issue.

Revision History:

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.