CVE-2023-34419
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Summary
CVE-2023-34419 is a recently disclosed vulnerability affecting some Lenovo Notebook models. This issue involves a buffer overflow in the SetupUtility driver, which can be exploited by an attacker with local access and elevated privileges. By manipulating specially crafted input, the attacker can execute arbitrary code on the affected system. This is a serious concern since the SetupUtility driver has broad access to system resources, potentially enabling the attacker to take full control of the affected Lenovo Notebook. It is crucial that Lenovo releases a patch to address this vulnerability as soon as possible to prevent potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Lenovo Companies