CVE-2017-3757

Summary

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

Affected Software

VendorProductVersion RangeStatus
Lenovo Group Ltd.Lenovo ElanTech Touchpad drivervarious versionsaffected

Weaknesses

  • Privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References