CVE-2017-3741

In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
lenovoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
lenovopower_management
1.67.12.19
lenovopower_management
1.67.12.23
𝑥
= Vulnerable software versions
References
https://support.lenovo.com/us/en/product_security/LEN-14440
https://support.lenovo.com/us/en/product_security/LEN-14440