Vulnerability CVE-2017-3751
Published: 2017-08-09   Modified: 2017-08-10

Description:
An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier than 1.5.5.0. This could allow an attacker with local privileges to execute code with administrative privileges.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Lenovo -> Thinkpad compact usb keyboard driver 

 References:
https://support.lenovo.com/us/en/product_security/LEN-15061
Copyright 2024, cxsecurity.com

 

Back to Top