CVE-2023-25496
First published: Fri Apr 28 2023(Updated: )
A privilege escalation vulnerability was reported in Lenovo Drivers Management Lenovo Driver Manager that could allow a local user to execute code with elevated privileges.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo Drivers Management | <3.1.1307.1308 |
Remedy
Update to Lenovo Driver Manager version 3.1.1307.1308 or later.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this privilege escalation vulnerability in Lenovo Drivers Management Lenovo Driver Manager?
The vulnerability ID for this privilege escalation vulnerability is CVE-2023-25496.
What is the affected software for this vulnerability?
The affected software is Lenovo Drivers Management Lenovo Driver Manager version 3.1.1307.1308.
What is the severity of CVE-2023-25496?
The severity of CVE-2023-25496 is high, with a severity value of 7.8.
How does CVE-2023-25496 impact the system?
CVE-2023-25496 allows a local user to execute code with elevated privileges, posing a risk of unauthorized access and potential system compromise.
Is there a fix or patch available for CVE-2023-25496?
At the time of this report, no specific fix or patch has been mentioned. It is recommended to follow the guidance provided by Lenovo and keep the software up to date.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/lenovo
- canonical/lenovo drivers management