A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges.
Fixes

Solution

Update Lenovo PC Manager AI intelligent scenario to version 5.1.80.9023 or later.


Workaround

No workaround given by the vendor.

References
History

Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Lenovo
Lenovo pcmanager
CPEs cpe:2.3:a:lenovo:pcmanager:-:*:*:*:*:*:*:*
Vendors & Products Lenovo
Lenovo pcmanager
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 11 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
Description A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges.
Weaknesses CWE-427
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2024-10-11T16:34:14.867Z

Reserved: 2024-04-24T13:34:19.756Z

Link: CVE-2024-33581

cve-icon Vulnrichment

Updated: 2024-10-11T16:33:48.510Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-11T16:15:05.943

Modified: 2024-10-15T12:58:51.050

Link: CVE-2024-33581

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.