CVE-2025-4657

Summary

A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker with elevated privileges to execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
LenovoPC Manager0 < 5.1.110.5082affected
LenovoBrowser0 < 9.0.6.5061affected
LenovoApp Store0 < 9.0.2230.0617affected

Weaknesses

  • CWE-122: CWE-122: Heap-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References