Power Management
by Lenovo
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3804 | Hig | 0.51 | 7.8 | 0.00 | Jul 11, 2016 | The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28332766 and MediaTek internal bug ALPS02694410. | ||
| CVE-2025-9548 | Med | 0.36 | 5.5 | 0.00 | Oct 15, 2025 | A potential null pointer dereference vulnerability was reported in the Lenovo Power Management Driver that could allow a local authenticated user to cause a Windows blue screen error. | ||
| CVE-2017-3741 | Low | 0.21 | 3.3 | 0.00 | Jun 4, 2017 | In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation. | ||
| CVE-2019-6192 | 0.03 | — | 0.02 | Dec 10, 2019 | A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service. | |||
| CVE-2021-3633 | 0.00 | — | 0.00 | Aug 17, 2021 | A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | |||
| CVE-2021-3462 | 0.00 | — | 0.00 | Apr 13, 2021 | A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object. | |||
| CVE-2021-3463 | 0.00 | — | 0.00 | Apr 13, 2021 | A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error. | |||
| CVE-2020-8326 | 0.00 | — | 0.00 | Jul 24, 2020 | An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. | |||
| CVE-2020-8317 | 0.00 | — | 0.00 | Jul 24, 2020 | A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges. | |||
| CVE-2019-6183 | 0.00 | — | 0.02 | Dec 10, 2019 | A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. Lenovo Energy Management is a client utility. Lenovo XClarity Energy Manager is not… |
- risk 0.51cvss 7.8epss 0.00
The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28332766 and MediaTek internal bug ALPS02694410.
- risk 0.36cvss 5.5epss 0.00
A potential null pointer dereference vulnerability was reported in the Lenovo Power Management Driver that could allow a local authenticated user to cause a Windows blue screen error.
- risk 0.21cvss 3.3epss 0.00
In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
- CVE-2019-6192Dec 10, 2019risk 0.03cvss —epss 0.02
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
- CVE-2021-3633Aug 17, 2021risk 0.00cvss —epss 0.00
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.
- CVE-2021-3462Apr 13, 2021risk 0.00cvss —epss 0.00
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device object.
- CVE-2021-3463Apr 13, 2021risk 0.00cvss —epss 0.00
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.
- CVE-2020-8326Jul 24, 2020risk 0.00cvss —epss 0.00
An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
- CVE-2020-8317Jul 24, 2020risk 0.00cvss —epss 0.00
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
- CVE-2019-6183Dec 10, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability has been reported in Lenovo Energy Management Driver for Windows 10 versions prior to 15.11.29.7 that could cause systems to experience a blue screen error. Lenovo Energy Management is a client utility. Lenovo XClarity Energy Manager is not…