Primary

Context

Lenovo Dispatcher Driver Privilege Escalation Vulnerability

Vulnerability

A vulnerability allowing insufficient access control has been identified in the Lenovo Dispatcher drivers version 3.0 and 3.1, used by certain Lenovo consumer notebooks. This vulnerability could enable an authenticated local user to execute code with elevated privileges. The issue does not affect the Lenovo Dispatcher 3.2 driver. Additionally, systems with Windows Core Isolation Memory Integrity enabled are not vulnerable; this feature is enabled by default on Lenovo devices preloaded with Windows 11.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges.

Remediation

Users can update the Lenovo Dispatcher Driver to version 3.1.0.41 or higher. Instructions for downloading the updated driver are available on the Lenovo Drivers & Software support site. For Lenovo products sold in China, visit the Lenovo China support site.

Added: Sep 11, 2025, 8:29 PM

Updated: Sep 11, 2025, 8:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Lenovo Dispatcher Driver Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating