CVE-2021-3462 - Vulnerability Details

A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00121.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Lenovo

Power Management Driver for Windows 10

affected

Version	Status	Constraints
`unspecified`	affected	< 1.67.17.54

Configuration 1 [-]

AND

cpe:2.3:a:lenovo:power_management_driver:*:*:*:*:*:windows_10:*:*

OR	cpe:2.3:h:lenovo:thinkpad_11e_gen_5:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_11e_yoga_gen_6:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_13_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_25:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_a275:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_a285:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_a475:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_a485:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e14:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e14_gen2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e15:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e15_gen2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e470:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e470c:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e475:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e480:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e490:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e495:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e570:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e570c:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e575:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e580:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e590:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_e595:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13_yoga:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l14_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l14_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l15_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l15_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l380:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l380_yoga:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l390:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l390_yoga:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l470:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l480:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l490:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l570:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l580:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_l590:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p1_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p1_gen_3:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p14s_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p15_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p15s_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p15s_gen_2:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p15v_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p17_gen_1:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p43s:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p51:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p51s:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p52:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p52s:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p53:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p53s:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p71:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p72:-:::::::*
	cpe:2.3:h:lenovo:thinkpad_p73:-:::::::*
cpe:2.3:h:lenovo:thinkpad_r14:-:::::::*
cpe:2.3:h:lenovo:thinkpad_r14_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_r480:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s1_gen_4:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s2_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s2_gen_5:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s2_gen_6:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_5:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s3_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_s5_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t14_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t14s_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t14s_gen_2i:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t15_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t15_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t15g_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t15p_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t470:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t470p:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t470s:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t480:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t480s:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t490:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t490s:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t495:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t570:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t580:-:::::::*
cpe:2.3:h:lenovo:thinkpad_t590:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_gen_5:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_gen_6:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_gen_7:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_gen_8:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_gen_9:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_extreme:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_extreme_2nd:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_extreme_gen_3:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_nano_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_3:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_titanium_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_3:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_4:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_5:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_6:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x12:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x13_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x13_gen_2i:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x13_yoga_gen_1:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x13_yoga_gen_2:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x270:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x280:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x380_yoga:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x390:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x390_yoga:-:::::::*
cpe:2.3:h:lenovo:thinkpad_x395:-:::::::*
cpe:2.3:h:lenovo:thinkpad_yoga_11e_gen_5:-:::::::*
cpe:2.3:h:lenovo:thinkpad_yoga_370:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Lenovo Subscribe	Power Management Driver Subscribe Thinkpad 11e Gen 5 Subscribe Thinkpad 11e Yoga Gen 6 Subscribe Thinkpad 13 Gen 2 Subscribe Thinkpad 25 Subscribe Thinkpad A275 Subscribe Thinkpad A285 Subscribe Thinkpad A475 Subscribe Thinkpad A485 Subscribe Thinkpad E14 Subscribe Thinkpad E14 Gen2 Subscribe Thinkpad E15 Subscribe Thinkpad E15 Gen2 Subscribe Thinkpad E470 Subscribe Thinkpad E470c Subscribe Thinkpad E475 Subscribe Thinkpad E480 Subscribe Thinkpad E490 Subscribe Thinkpad E495 Subscribe Thinkpad E570 Subscribe Thinkpad E570c Subscribe Thinkpad E575 Subscribe Thinkpad E580 Subscribe Thinkpad E590 Subscribe Thinkpad E595 Subscribe Thinkpad L13 Subscribe Thinkpad L13 Gen 1 Subscribe Thinkpad L13 Gen 2 Subscribe Thinkpad L13 Yoga Subscribe Thinkpad L13 Yoga Gen 1 Subscribe Thinkpad L13 Yoga Gen 2 Subscribe Thinkpad L14 Gen 1 Subscribe Thinkpad L14 Gen 2 Subscribe Thinkpad L15 Gen 1 Subscribe Thinkpad L15 Gen 2 Subscribe Thinkpad L380 Subscribe Thinkpad L380 Yoga Subscribe Thinkpad L390 Subscribe Thinkpad L390 Yoga Subscribe Thinkpad L470 Subscribe Thinkpad L480 Subscribe Thinkpad L490 Subscribe Thinkpad L570 Subscribe Thinkpad L580 Subscribe Thinkpad L590 Subscribe Thinkpad P1 Subscribe Thinkpad P14s Gen 1 Subscribe Thinkpad P14s Gen 2 Subscribe Thinkpad P15 Gen 1 Subscribe Thinkpad P15s Gen 1 Subscribe Thinkpad P15s Gen 2 Subscribe Thinkpad P15v Gen 1 Subscribe Thinkpad P17 Gen 1 Subscribe Thinkpad P1 Gen 2 Subscribe Thinkpad P1 Gen 3 Subscribe Thinkpad P43s Subscribe Thinkpad P51 Subscribe Thinkpad P51s Subscribe Thinkpad P52 Subscribe Thinkpad P52s Subscribe Thinkpad P53 Subscribe Thinkpad P53s Subscribe Thinkpad P71 Subscribe Thinkpad P72 Subscribe Thinkpad P73 Subscribe Thinkpad R14 Subscribe Thinkpad R14 Gen 2 Subscribe Thinkpad R480 Subscribe Thinkpad S1 Gen 4 Subscribe Thinkpad S2 Gen 2 Subscribe Thinkpad S2 Gen 5 Subscribe Thinkpad S2 Gen 6 Subscribe Thinkpad S2 Yoga Gen 5 Subscribe Thinkpad S2 Yoga Gen 6 Subscribe Thinkpad S3 Gen 2 Subscribe Thinkpad S5 Gen 2 Subscribe Thinkpad T14 Gen 1 Subscribe Thinkpad T14 Gen 2 Subscribe Thinkpad T14s Gen 1 Subscribe Thinkpad T14s Gen 2i Subscribe Thinkpad T15 Gen 1 Subscribe Thinkpad T15 Gen 2 Subscribe Thinkpad T15g Gen 1 Subscribe Thinkpad T15p Gen 1 Subscribe Thinkpad T470 Subscribe Thinkpad T470p Subscribe Thinkpad T470s Subscribe Thinkpad T480 Subscribe Thinkpad T480s Subscribe Thinkpad T490 Subscribe Thinkpad T490s Subscribe Thinkpad T495 Subscribe Thinkpad T570 Subscribe Thinkpad T580 Subscribe Thinkpad T590 Subscribe Thinkpad X12 Subscribe Thinkpad X13 Gen 1 Subscribe Thinkpad X13 Gen 2i Subscribe Thinkpad X13 Yoga Gen 1 Subscribe Thinkpad X13 Yoga Gen 2 Subscribe Thinkpad X1 Carbon Gen 5 Subscribe Thinkpad X1 Carbon Gen 6 Subscribe Thinkpad X1 Carbon Gen 7 Subscribe Thinkpad X1 Carbon Gen 8 Subscribe Thinkpad X1 Carbon Gen 9 Subscribe Thinkpad X1 Extreme Subscribe Thinkpad X1 Extreme 2nd Subscribe Thinkpad X1 Extreme Gen 3 Subscribe Thinkpad X1 Nano Gen 1 Subscribe Thinkpad X1 Tablet Gen 2 Subscribe Thinkpad X1 Tablet Gen 3 Subscribe Thinkpad X1 Titanium Gen 1 Subscribe Thinkpad X1 Yoga Gen 2 Subscribe Thinkpad X1 Yoga Gen 3 Subscribe Thinkpad X1 Yoga Gen 4 Subscribe Thinkpad X1 Yoga Gen 5 Subscribe Thinkpad X1 Yoga Gen 6 Subscribe Thinkpad X270 Subscribe Thinkpad X280 Subscribe Thinkpad X380 Yoga Subscribe Thinkpad X390 Subscribe Thinkpad X390 Yoga Subscribe Thinkpad X395 Subscribe Thinkpad Yoga 11e Gen 5 Subscribe Thinkpad Yoga 370 Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2021-26784	A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.

Fixes

Solution

Update to Lenovo Power Management Driver for Windows 10 version 1.67.17.54 or higher.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.lenovo.com/us/en/product_security/LEN-59174

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: lenovo

Published: 2021-04-13T20:41:44

Updated: 2024-08-03T16:53:17.876Z

Reserved: 2021-03-23T00:00:00

Link: CVE-2021-3462

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-04-13T21:15:25.193

Modified: 2024-11-21T06:21:36.003

Link: CVE-2021-3462

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object