Vulnerability Details : CVE-2017-3767
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. An attacker with local privileges could execute code with administrative privileges.
Vulnerability category: Execute codeGain privilege
Products affected by CVE-2017-3767
- cpe:2.3:o:realtek:audio_driver_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-3767
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-3767
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2017-3767
-
https://support.lenovo.com/us/en/product_security/LEN-15759
Local Privilege Escalation in Realtek Audio Driver - USIssue Tracking;Third Party Advisory
Jump to