Local Code Execution Vulnerability in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3
CVE-2023-3112

7.8HIGH

Key Information:

Vendor: Lenovo
Status: Elliptic Labs Virtual Lock Sensor; Ai Virtual Presence Sensor
Vendor: CVE Published:; 25 October 2023

What is CVE-2023-3112?

A vulnerability has been identified in the Elliptic Labs Virtual Lock Sensor for the Lenovo ThinkPad T14 Gen 3. This flaw can potentially allow an attacker with local access to execute malicious code with elevated privileges, posing significant security risks to users. It is crucial for affected users to remain vigilant and apply any recommended updates or patches from the vendor to mitigate the risk of exploitation.

Affected Version(s)

AI Virtual Presence Sensor All versions prior to 3.1.50719.1

Elliptic Labs Virtual Lock Sensor All versions prior to 3.1.50719.1

References

https://support.lenovo.com/us/en/product_security/LEN-128081

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 25, 2023
Vulnerability Reserved
Jun 5, 2023