AI description
CVE-2025-8061 refers to a potential insufficient access control vulnerability found in the Lenovo Dispatcher 3.0 and 3.1 drivers. This vulnerability affects some Lenovo consumer notebooks and could allow a local, authenticated user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. It was reported that the product implements an IOCTL (Input/Output Control) with functionality that should be restricted, but it does not properly enforce access control for the IOCTL. Furthermore, this vulnerability does not affect systems where the Windows feature "Core Isolation Memory Integrity" is enabled, which is the default setting on Lenovo systems preloaded with Windows 11.
- Description
- A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default.
- Source
- psirt@lenovo.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@lenovo.com
- CWE-782
- Hype score
- Not currently trending
BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) https://t.co/h5xkWRWUls
@Dinosn
24 Sept 2025
2138 Impressions
2 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) https://t.co/kFDvdGQnPC
@Dinosn
23 Sept 2025
1570 Impressions
1 Retweet
1 Like
4 Bookmarks
0 Replies
0 Quotes
BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) https://t.co/BVtaIiOWPg
@warthogtk
23 Sept 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪 However, with the right primitives, you can do much more. Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver. 👇 https://t.co/yKVfTYi61L https://t.c
@quarkslab
23 Sept 2025
7796 Impressions
44 Retweets
126 Likes
36 Bookmarks
2 Replies
2 Quotes
CVE-2025-8061 A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that c… https://t.co/WZUUdASAOF
@CVEnew
11 Sept 2025
356 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes