CVE-2025-2502

High CVSS: 8.5

An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.

Vendor

Product

CWE

Yayın Tarihi

2025-05-30 20:15:42

Güncelleme

2026-02-02 15:29:37

Source Identifier

psirt@lenovo.com

KEV Date Added

CWE-276 Pcmanager HIGH Lenovo 2025

https://iknow.lenovo.com.cn/detail/428586

Medium

CVE-2026-1716

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2026-1717

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Ba…

Medium

CVE-2026-1715

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiyin…

Medium

CVE-2025-13453

A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read…

Medium

CVE-2025-13454

A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user t…

High

CVE-2025-13455

A vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to bypass T…