CVE-2023-1577

Published: Jul 31, 2024Modified: Aug 13, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: psirt@lenovo.com (Secondary)

Description

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges.

Affected (1)

Products: Lenovo: Drivers Management

Lenovo

1 product

Drivers Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lenovo Drivers Management	Before 3.1.1307.1308

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (1)

https://iknow.lenovo.com.cn/detail/dc_415202.html

Source: psirt@lenovo.com

Vendor Advisory

Timeline

No history available yet.