CVE-2023-1577

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-1577
A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307.1308 that could allow a local user to execute code with elevated privileges.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://iknow.lenovo.com.cn/detail/dc_415202.html Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:lenovo:drivers_management:*:*:*:*:*:*:*:*
History

13 Aug 2024, 15:12

Type Values Removed Values Added
CWE NVD-CWE-noinfo
First Time Lenovo
Lenovo drivers Management
References () https://iknow.lenovo.com.cn/detail/dc_415202.html - () https://iknow.lenovo.com.cn/detail/dc_415202.html - Vendor Advisory
CPE cpe:2.3:a:lenovo:drivers_management:*:*:*:*:*:*:*:*

01 Aug 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) Se informó una vulnerabilidad de secuestro de ruta en Lenovo Driver Manager antes de la versión 3.1.1307.1308 que podría permitir a un usuario local ejecutar código con privilegios elevados.

31 Jul 2024, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-31 21:15

Updated : 2024-08-13 15:12

NVD link : CVE-2023-1577

Mitre link : CVE-2023-1577

CVE.ORG link : CVE-2023-1577

JSON object : View

Products Affected

lenovo

  • drivers_management
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CVE Database NetmanageIT CTO Corner Blog NetmanageIT CTO Corner Blog NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Internet Health and Latency Dashboard NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024