1.67.12.23

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

local

low complexity

lenovo

NVD

Published: 2017-06-04

Updated: 2019-10-03

Summary

In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.

Vulnerable Configurations

Part	Description	Count
Application	Lenovo Lenovo Power Management 1.67.12.19 Lenovo Power Management 1.67.12.23	2
Hardware	Lenovo Lenovo Thinkpad X1 Carbon 5 -	1

References

https://support.lenovo.com/us/en/product_security/LEN-14440