CVE-2023-1577

HIGH

Lenovo Driver Manager <3.1.1307.1308 - Privilege Escalation

Title source: llm

Description

A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges.

References (1)

[Vendor Advisory] https://iknow.lenovo.com.cn/detail/dc_415202.html

Scores

CVSS v3 7.8

EPSS 0.0009

EPSS Percentile 25.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-20

Status published

Affected Products (1)

lenovo/drivers_management < 3.1.1307.1308

Timeline

Published Jul 31, 2024

Tracked Since Feb 18, 2026