CVE-2023-3112

Summary

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to execute code with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
LenovoElliptic Labs Virtual Lock SensorAll versions prior to 3.1.50719.1affected
LenovoAI Virtual Presence SensorAll versions prior to 3.1.50719.1affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References