CVE-2021-3462
MEDIUMLenovo Power Management Driver < 1.67.17.54 - Privilege Escalation via Unauthorized Device Object Access
Title source: llmDescription
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.lenovo.com/us/en/product_security/LEN-59174
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
14.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-276
Status
published
Products (1)
lenovo/power_management_driver
< 1.67.17.54
Published
Apr 13, 2021
Tracked Since
Feb 18, 2026