CVE-2025-8061

Published Sep 11, 2025

Last updated 3 months ago

CVSS high 7.3
Lenovo Dispatcher

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-8061 refers to a potential insufficient access control vulnerability found in the Lenovo Dispatcher 3.0 and 3.1 drivers. This vulnerability affects some Lenovo consumer notebooks and could allow a local, authenticated user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. It was reported that the product implements an IOCTL (Input/Output Control) with functionality that should be restricted, but it does not properly enforce access control for the IOCTL. Furthermore, this vulnerability does not affect systems where the Windows feature "Core Isolation Memory Integrity" is enabled, which is the default setting on Lenovo systems preloaded with Windows 11.

Description
A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default.
Source
psirt@lenovo.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
7.3
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@lenovo.com
CWE-782

Social media

Hype score
Not currently trending

  1. ''GitHub - symeonp/Lenovo-CVE-2025-8061: PoC for popping a system shell against the LnvMSRIO.sys driver'' #infosec #pentest #redteam #blueteam https://t.co/1727Cg15iE

    @CyberWarship

    26 Oct 2025

    2096 Impressions

    5 Retweets

    14 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  2. BYOVD to the next level (part 1). exploiting a vulnerable driver (CVE-2025-8061) TLDR; This blog post is about how to abuse a vulnerable driver to gain access to Ring-0 capabilities. https://t.co/sAnlLn9rXS https://t.co/Ybx7BWDwXX

    @5mukx

    26 Oct 2025

    7207 Impressions

    33 Retweets

    152 Likes

    80 Bookmarks

    0 Replies

    0 Quotes

  3. πŸ“š BYOVD to Next Level (CVE-2025-8061) Two-part series on exploiting Lenovo driver vulnerabilities with BYOVD. Part 1: https://t.co/IqoHmfL2sE Part 2: https://t.co/kNqXQcjceF https://t.co/7dyjmyRRbb

    @IntCyberDigest

    26 Oct 2025

    3000 Impressions

    4 Retweets

    30 Likes

    14 Bookmarks

    1 Reply

    0 Quotes

  4. ☠ Lenovo CVE-2025-8061 Exploit PoC and write-up for shell popping against LnvMSRIO.sys (3.1.0.36) driver. Try: https://t.co/sg7NDTUHsS https://t.co/mxbb3ZCmcm

    @IntCyberDigest

    25 Oct 2025

    15451 Impressions

    52 Retweets

    287 Likes

    120 Bookmarks

    2 Replies

    1 Quote

  5. Lenovo CVE-2025-8061: PoC for popping a system shell against the LnvMSRIO.sys driver GitHub: https://t.co/c5ItOO9nSU https://t.co/Mvg4rWiXYI

    @DarkWebInformer

    15 Oct 2025

    11308 Impressions

    32 Retweets

    144 Likes

    53 Bookmarks

    3 Replies

    0 Quotes

  6. Cyber threat roundup ⚠️: emerging exploits, major breaches & fraud busts from the last hour you need to know nowπŸ‘‡ πŸ›‘οΈ Lenovo patched critical local privilege escalation (CVE-2025-8061) in Dispatcher drivers affecting Windows 10/11 laptops; public PoC available ena

    @np_cyber_news

    13 Oct 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Lenovo-CVE-2025-8061 https://t.co/hFPnIfHBtN

    @kmkz_security

    6 Oct 2025

    1685 Impressions

    7 Retweets

    29 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

  8. BYOVD to the next level (part 1) β€” exploiting a vulnerable driver (CVE-2025-8061) https://t.co/h5xkWRWUls

    @Dinosn

    24 Sept 2025

    2138 Impressions

    2 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  9. BYOVD to the next level (part 1) β€” exploiting a vulnerable driver (CVE-2025-8061) https://t.co/kFDvdGQnPC

    @Dinosn

    23 Sept 2025

    1570 Impressions

    1 Retweet

    1 Like

    4 Bookmarks

    0 Replies

    0 Quotes

  10. BYOVD to the next level (part 1) β€” exploiting a vulnerable driver (CVE-2025-8061) https://t.co/BVtaIiOWPg

    @warthogtk

    23 Sept 2025

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. BYOVD is a well-known technique commonly used by threat actors to kill EDR πŸ”ͺ However, with the right primitives, you can do much more. Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver. πŸ‘‡ https://t.co/yKVfTYi61L https://t.c

    @quarkslab

    23 Sept 2025

    7796 Impressions

    44 Retweets

    126 Likes

    36 Bookmarks

    2 Replies

    2 Quotes

  12. CVE-2025-8061 A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that c… https://t.co/WZUUdASAOF

    @CVEnew

    11 Sept 2025

    356 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.