Lenovo PC Manager AI Scenario Vulnerability
CVE-2024-33581

7.8HIGH

Key Information:

Vendor: Lenovo
Status: Pc Manager Ai Intelligent Scenario
Vendor: CVE Published:; 11 October 2024

What is CVE-2024-33581?

A DLL hijack vulnerability exists in Lenovo PC Manager, specifically within the AI intelligent scenario module. This vulnerability can be exploited by local attackers to execute arbitrary code with elevated privileges on the affected systems. Such an exploit could potentially compromise sensitive data or enable unauthorized access to system resources.

Affected Version(s)

PC Manager AI intelligent scenario 0 < 5.1.80.9023

References

https://iknow.lenovo.com.cn/detail/423563

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2024
Vulnerability Reserved
Apr 24, 2024

Credit

Lenovo thanks ggid7788 for reporting this issue.