First published: Mon Nov 13 2017(Updated: )
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. An attacker with local privileges could execute code with administrative privileges.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Realtek Audio Driver Firmware | <6.0.1.8224 | |
Lenovo Thinkpad 10 | ||
Lenovo Thinkpad 11e | ||
Lenovo Thinkpad 13 | ||
Lenovo Thinkpad L450 | ||
Lenovo Thinkpad L460 | ||
Lenovo Thinkpad L470 Kbl | ||
Lenovo Thinkpad L470 Skl | ||
Lenovo Thinkpad L560 | ||
Lenovo Thinkpad P50 | ||
Lenovo Thinkpad P50s | ||
Lenovo Thinkpad P51s | ||
Lenovo Thinkpad P70 | ||
Lenovo Thinkpad P71 | ||
Lenovo Thinkpad S1 | ||
Lenovo Thinkpad S1 Yoga | ||
Lenovo Thinkpad S1 Yoga 12 | ||
Lenovo Thinkpad S2 | ||
Lenovo Thinkpad T440 | ||
Lenovo Thinkpad T440p | ||
Lenovo Thinkpad T440s | ||
Lenovo Thinkpad T450 | ||
Lenovo Thinkpad T450s | ||
Lenovo ThinkPad T460 | ||
Lenovo ThinkPad T460p | ||
Lenovo Thinkpad T460s | ||
Lenovo Thinkpad T470 | ||
Lenovo Thinkpad T470p | ||
Lenovo Thinkpad T470s Skl | ||
Lenovo Thinkpad T540p | ||
Lenovo Thinkpad T550 | ||
Lenovo Thinkpad T560 | ||
Lenovo Thinkpad T570 | ||
Lenovo Thinkpad W540 | ||
Lenovo Thinkpad W541 | ||
Lenovo Thinkpad W550s | ||
Lenovo ThinkPad X1 Carbon | ||
Lenovo Thinkpad X1 Tablet | ||
Lenovo Thinkpad X1 Yoga | ||
Lenovo Thinkpad X1c | ||
Lenovo Thinkpad X240 | ||
Lenovo Thinkpad X240s | ||
Lenovo Thinkpad X250 | ||
Lenovo Thinkpad X260 | ||
Lenovo Thinkpad X270 Kbl | ||
Lenovo Thinkpad X270 Skl | ||
Lenovo Thinkpad Yoga 11e |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-3767 is a local privilege escalation vulnerability in Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products.
An attacker with local privileges can exploit CVE-2017-3767 to execute code with administrative privileges.
Some Lenovo ThinkPad products with Realtek audio driver versions prior to 6.0.1.8224 are affected by CVE-2017-3767.
The severity of CVE-2017-3767 is high, with a CVSS severity score of 7.8 out of 10.
You can find more information about CVE-2017-3767 on the Lenovo Product Security website.