Local Code Execution Vulnerability in Lenovo PC Manager
CVE-2025-8486

8.5HIGH

Key Information:

Vendor: Lenovo
Status: Pc Manager
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-8486?

A local authenticated user could exploit a vulnerability in Lenovo PC Manager, potentially allowing them to execute arbitrary code with elevated privileges, leading to unauthorized access and actions within the affected system.

Affected Version(s)

PC Manager 0 < 5.1.140.9262

References

https://iknow.lenovo.com.cn/detail/432378

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Aug 1, 2025

Credit

Lenovo thanks CNVD for reporting CVE-2025-8486.

JSON