Vulnerabilities > CVE-2017-3767 - Unspecified vulnerability in Realtek Audio Driver Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

realtek

NVD

Published: 2017-11-13

Updated: 2019-10-03

Summary

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. An attacker with local privileges could execute code with administrative privileges.

Vulnerable Configurations

Part	Description	Count
OS	Realtek Realtek Audio Driver Firmware *	1
Hardware	Lenovo Lenovo Thinkpad 10 - Lenovo Thinkpad 11E - Lenovo Thinkpad 13 - Lenovo Thinkpad L450 - Lenovo Thinkpad L460 - Lenovo Thinkpad L470 KBL - Lenovo Thinkpad L470 SKL - Lenovo Thinkpad L560 - Lenovo Thinkpad P50 - Lenovo Thinkpad P50S - Lenovo Thinkpad P51S - Lenovo Thinkpad P70 - Lenovo Thinkpad P71 - Lenovo Thinkpad S1 - Lenovo Thinkpad S1 Yoga - Lenovo Thinkpad S1 Yoga 12 - Lenovo Thinkpad S2 - Lenovo Thinkpad T440 - Lenovo Thinkpad T440P - Lenovo Thinkpad T440S - Lenovo Thinkpad T450 - Lenovo Thinkpad T450S - Lenovo Thinkpad T460 - Lenovo Thinkpad T460P - Lenovo Thinkpad T460S - Lenovo Thinkpad T470 - Lenovo Thinkpad T470P - Lenovo Thinkpad T470S SKL - Lenovo Thinkpad T540P - Lenovo Thinkpad T550 - Lenovo Thinkpad T560 - Lenovo Thinkpad T570 - Lenovo Thinkpad W540 - Lenovo Thinkpad W541 - Lenovo Thinkpad W550S - Lenovo Thinkpad X1 Carbon - Lenovo Thinkpad X1 Tablet - Lenovo Thinkpad X1 Yoga - Lenovo Thinkpad X1C - Lenovo Thinkpad X240 - Lenovo Thinkpad X240S - Lenovo Thinkpad X250 - Lenovo Thinkpad X260 - Lenovo Thinkpad X270 KBL - Lenovo Thinkpad X270 SKL - Lenovo Thinkpad Yoga 11E -	46

References

https://support.lenovo.com/us/en/product_security/LEN-15759