What is CVE-2017-3767?

CVE-2017-3767 is a high-severity vulnerability in Lenovo Thinkpad_10. CVSS score: 7.8/10. Published 2017-11-13.

How severe is CVE-2017-3767?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Lenovo Thinkpad_10

CVE-2017-3767

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. An attacker with local privileges could execute code with administrative privileges.

EPSS: 0.004 (34.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Lenovo Thinkpad_10
Lenovo Thinkpad_11e
Lenovo Thinkpad_13
Lenovo Thinkpad_l450
Lenovo Thinkpad_l460
Lenovo Thinkpad_l470_kbl
Lenovo Thinkpad_l470_skl
Lenovo Thinkpad_l560
Lenovo Thinkpad_p50
Lenovo Thinkpad_p50s

References

psirt@lenovo.com (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)

Frequently asked questions

What is CVE-2017-3767?: CVE-2017-3767 is a high-severity vulnerability in Lenovo Thinkpad_10. CVSS score: 7.8/10. Published 2017-11-13.
How severe is CVE-2017-3767?: High severity. CVSS v3 base score is 7.8 out of 10.