Lenovo PC Manager Vulnerability Could Lead to System Reboot
CVE-2017-3772

5.5MEDIUM

Key Information:

Vendor: Lenovo
Status: Pc Manager
Vendor: CVE Published:; 31 July 2024

Summary

A vulnerability exists in specific versions of Lenovo PC Manager, which could permit unauthorized remote access, enabling an attacker to force a system reboot. This flaw poses risks to system availability and can lead to potential disruption of services. It is imperative for users running versions earlier than 2.6.40.3154 to update their software to mitigate this threat and enhance their cybersecurity posture.

Affected Version(s)

PC Manager 0 < 2.6.40.3154

References

https://iknow.lenovo.com.cn/detail/171959

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2024
Vulnerability Reserved
Dec 16, 2016

Credit

Lenovo thanks Xiao Xuedong for reporting this issue.