CVE-2016-8225

HIGH

Lenovo Edge & Lenovo Slim USB Keyboard Driver <1.21 - Privilege Esc...

Title source: llm
STIX 2.1

Description

Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.lenovo.com/us/en/solutions/LEN-11588
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95842

Scores

CVSS v3 7.8
EPSS 0.0006
EPSS Percentile 18.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-428
Status published
Products (3)
lenovo/edge_keyboard_driver < 1.20
lenovo/slim_usb_keyboard_driver < 1.20
Lenovo Group Ltd./Edge and Slim USB Keyboard Driver Earlier than 1.21
Published Jan 26, 2017
Tracked Since Feb 18, 2026