Vulnerability CVE-2017-3756


Published: 2017-08-18   Modified: 2017-08-19

Description:
A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. An attacker with local privileges could execute code with administrative privileges via an unquoted service path.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Lenovo -> Thinkpad x1 carbon 20ax 
Lenovo -> Thinkpad s1 yoga vpro bios 
Lenovo -> Thinkpad yoga 260 s1 bios 
Lenovo -> Thinkpad x1 tablet bios 
Lenovo -> Thinkpad t540p bios 
Lenovo -> Thinkpad e460 
Lenovo -> Thinkpad x1 carbon 
Lenovo -> Thinkpad x260 
Lenovo -> Thinkpad t440u 
Lenovo -> Thinkpad t460 
Lenovo -> Thinkpad s3 s440 bios 
Lenovo -> Thinkpad s540 bios 
Lenovo -> Thinkpad 13e bios 
Lenovo -> Thinkpad t440p bios 
Lenovo -> Thinkpad x250 broadwell bios 
Lenovo -> Thinkpad helix 20cg 
Lenovo -> Thinkpad x240s 
Lenovo -> Thinkpad edge e545 
Lenovo -> Thinkpad t440s 
Lenovo -> Thinkpad e555 
Lenovo -> Thinkpad yoga 11e skylake bios 
Lenovo -> Thinkpad e450 bios 
Lenovo -> Thinkpad t460p bios 
Lenovo -> Thinkpad t540 bios 
Lenovo -> Thinkpad w541 bios 
Lenovo -> Thinkpad helix 20ch 
Lenovo -> Thinkpad s3 yoga 14 
Lenovo -> Thinkpad edge e540 
Lenovo -> Thinkpad t440p 
Lenovo -> Thinkpad yoga 11e 
Lenovo -> Thinkpad 11e skylake bios 
Lenovo -> Thinkpad e550c bios 
Lenovo -> Thinkpad x250 sharkbay bios 
Lenovo -> Thinkpad x1 carbon 20bx bios 
Lenovo -> Thinkpad e450c bios 
Lenovo -> Thinkpad tablet 10 
Lenovo -> Thinkpad t550 
Lenovo -> Thinkpad yoga 11e beema 
Lenovo -> Thinkpad w550s 
Lenovo -> Thinkpad e550 
Lenovo -> Thinkpad yoga 11e bios 
Lenovo -> Thinkpad p50s bios 
Lenovo -> Thinkpad edge e440 bios 
Lenovo -> Thinkpad helix 20cg bios 
Lenovo -> Thinkpad x140e amd bios 
Lenovo -> Thinkpad w541 
Lenovo -> Thinkpad s3 s440 
Lenovo -> Thinkpad t450 
Lenovo -> Thinkpad s5 e560p 
Lenovo -> Thinkpad x1 carbon bios 
Lenovo -> Thinkpad p70 bios 
Lenovo -> Thinkpad edge e540 bios 
Lenovo -> Thinkpad e550 bios 
Lenovo -> Thinkpad yoga 11e beema bios 
Lenovo -> Thinkpad w540 
Lenovo -> Thinkpad l540 
Lenovo -> Thinkpad x1 tablet 
Lenovo -> Thinkpad x240 
Lenovo -> Thinkpad s1 yoga non vpro bios 
Lenovo -> Thinkpad l450 bios 
Lenovo -> Thinkpad e460 bios 
Lenovo -> Thinkpad tablet 8 bios 
Lenovo -> Thinkpad edge e545 bios 
Lenovo -> Thinkpad s1 yoga 12 
Lenovo -> Thinkpad 11e braswell 
Lenovo -> Thinkpad p50s 
Lenovo -> Thinkpad 13e 
Lenovo -> Thinkpad tablet 10 bios 
Lenovo -> Thinkpad e555 bios 
Lenovo -> Thinkpad e560 bios 
Lenovo -> Thinkpad s1 yoga 12 bios 
Lenovo -> Thinkpad edge e445 bios 
Lenovo -> Thinkpad yoga 260 s1 
Lenovo -> Thinkpad tablet 8 
Lenovo -> Thinkpad s5 yoga 15 
Lenovo -> Thinkpad 11e skylake 
Lenovo -> Thinkpad t440u bios 
Lenovo -> Thinkpad t460 bios 
Lenovo -> Thinkpad p50 bios 
Lenovo -> Thinkpad w550s bios 
Lenovo -> Thinkpad e565 bios 
Lenovo -> Thinkpad x250 broadwell 
Lenovo -> Thinkpad yoga 14 460 s3 
Lenovo -> Thinkpad l440 
Lenovo -> Thinkpad edge e445 
Lenovo -> Thinkpad 11e beema 
Lenovo -> Thinkpad t560 bios 
Lenovo -> Thinkpad 11e broadwell bios 
Lenovo -> Thinkpad x240 bios 
Lenovo -> Thinkpad s5 e560p bios 
Lenovo -> Thinkpad t440 bios 
Lenovo -> Thinkpad e455 
Lenovo -> Thinkpad t540 
Lenovo -> Thinkpad l560 
Lenovo -> Thinkpad e565 
Lenovo -> Thinkpad l460 bios 
Lenovo -> Thinkpad yoga 11e braswell bios 
Lenovo -> Thinkpad s3 yoga 14 bios 
Lenovo -> Thinkpad 10 ella 2 bios 
Lenovo -> Thinkpad e465 bios 

 References:
http://www.securityfocus.com/bid/100305
https://support.lenovo.com/us/en/product_security/LEN-15765

Copyright 2024, cxsecurity.com

 

Back to Top