Vulnerability Description
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Edge Keyboard Driver | <= 1.20 |
| Lenovo | Slim Usb Keyboard Driver | <= 1.20 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95842
- https://support.lenovo.com/us/en/solutions/LEN-11588Vendor Advisory
- http://www.securityfocus.com/bid/95842
- https://support.lenovo.com/us/en/solutions/LEN-11588Vendor Advisory
FAQ
What is CVE-2016-8225?
CVE-2016-8225 is a vulnerability with a CVSS score of 7.8 (HIGH). Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
How severe is CVE-2016-8225?
CVE-2016-8225 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8225?
Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Edge Keyboard Driver, Lenovo Slim Usb Keyboard Driver.