CVE-2017-3741

EUVD-2017-12858
In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
lenovopower_management
1.67.12.19
lenovopower_management
1.67.12.23
𝑥
= Vulnerable software versions
References
https://support.lenovo.com/us/en/product_security/LEN-14440
https://support.lenovo.com/us/en/product_security/LEN-14440