exploitDog

CVE-2017-3757

Опубликовано: 29 авг. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

Ссылки

https://support.lenovo.com/us/en/product_security/LEN-14390
Patch
Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-14390
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emc:elan_touchpad_driver:*:*:*:*:*:*:*:*

Версия до 11.4.1.6 (включая)

EPSS

Процентиль: 13%

0.00044

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-428

Связанные уязвимости

GHSA-6fwv-wgrv-c6gj

CVSS3: 7.8

github

больше 3 лет назад

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

EPSS

Процентиль: 13%

0.00044

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-428