An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM)

that could allow a local attacker to escalate privileges to kernel.
Fixes

Solution

Update Lenovo Display Control Center to version 3.0.29082.0 or later.


Workaround

No workaround given by the vendor.

History

Fri, 16 Aug 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Lenovo
Lenovo accessories And Display Manager
Lenovo display Control Center
CPEs cpe:2.3:a:lenovo:accessories_and_display_manager:*:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:display_control_center:*:*:*:*:*:*:*:*
Vendors & Products Lenovo
Lenovo accessories And Display Manager
Lenovo display Control Center
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 16 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
Description An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM) that could allow a local attacker to escalate privileges to kernel.
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2024-08-16T15:08:37.647Z

Reserved: 2024-05-10T16:48:15.261Z

Link: CVE-2024-4763

cve-icon Vulnrichment

Updated: 2024-08-16T15:08:25.234Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-16T15:15:30.563

Modified: 2024-08-19T13:00:23.117

Link: CVE-2024-4763

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.