CVE-2025-0886

HIGH

Elliptic Labs Virtual Lock Sensor - Privilege Escalation

Title source: llm

Description

An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges.

Exploits (1)

nomisec WORKING POC 1 stars

by JNDataRT · poc

https://github.com/JNDataRT/VirtualLockSensorLPE

View Code ZIP pw:eip

References (1)

[Various Sources] https://support.lenovo.com/us/en/product_security/LEN-182738

Scores

CVSS v3 7.8

EPSS 0.0003

EPSS Percentile 7.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-276

Status published

Products (33)

Lenovo/Elliptic Human Presence Detection Device Driver for T14 Gen 4 (Type 21K3, 21K4) < 1000.100.108.1893

Lenovo/Elliptic Human Presence Detection Device Driver for T14 Gen 5 (Type 21ML, 21MM) < 1000.100.108.801

Lenovo/Elliptic Human Presence Detection Device Driver for T14s Gen 5 (Type 21LS, 21LT) < 1000.100.108.801

Lenovo/Elliptic Human Presence Detection Device Driver for T16 Gen 2 (Type 21K7 21K8) < 1000.100.106.2391

Lenovo/Elliptic Human Presence Detection Device Driver for T16 Gen 3 (Type 21MN, 21MQ) < 1000.100.108.801

Lenovo/Elliptic Human Presence Detection Device Driver for ThinkPad P14s Gen 4 (Type 21K5, 21K6) < 1000.100.108.1893

Lenovo/Elliptic Human Presence Detection Device Driver for ThinkPad P14s Gen 5 (Type 21ME, 21MF) < 1000.100.108.6136

Lenovo/Elliptic Human Presence detection Device Driver for ThinkPad P16 Gen 2 (Type 21FA, 21FB) < 1000.100.108.774

Lenovo/Elliptic Human Presence Detection Device Driver for ThinkPad P16s Gen 2 (Type 21K9, 21KA) < 1000.100.106.2391

Lenovo/Elliptic Human Presence Detection Device Driver for ThinkPad P16v Gen 1 (Type 21FC, 21FD) < 1000.100.108.900

... and 23 more

Published Jul 17, 2025

Tracked Since Feb 18, 2026