Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-4657: CWE-122: Heap-based Buffer Overflow in Lenovo PC Manager

High
VulnerabilityCVE-2025-4657cvecve-2025-4657cwe-122
Published: Thu Jul 17 2025 (07/17/2025, 19:22:28 UTC)
Source: CVE Database V5
Vendor/Project: Lenovo
Product: PC Manager

Description

A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker with elevated privileges to execute arbitrary code.

Technical Details

Data Version
5.1
Assigner Short Name
lenovo
Date Reserved
2025-05-13T15:36:36.096Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68794f7fa83201eaace863f4

Added to database: 7/17/2025, 7:31:11 PM

Last updated: 7/17/2025, 7:31:11 PM

Views: 1

Related Threats

CVE-2025-6249: CWE-602: Client-Side Enforcement of Server-Side Security in Lenovo FileZ Client

High
VulnerabilityThu Jul 17 2025

CVE-2025-6248: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Lenovo Browser

High
VulnerabilityThu Jul 17 2025

CVE-2025-6232: CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in Lenovo Vantage

High
VulnerabilityThu Jul 17 2025

CVE-2025-6231: CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in Lenovo Vantage

High
VulnerabilityThu Jul 17 2025

CVE-2025-6230: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Lenovo Vantage

Medium
VulnerabilityThu Jul 17 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats