Lenovo Protection Driver Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code

A buffer overflow vulnerability in Lenovo Protection Driver could allow local attackers with elevated privileges to execute arbitrary code on affected systems. The vulnerability, designated CVE-2025-4657, affects multiple Lenovo applications and poses significant security risks to desktop, ThinkCentre, laptop, and ThinkPad users. The flaw is a significant security concern because it enables privilege escalation, allowing attackers to execute arbitrary code with system-level permissions. Security researchers have classified this as a high-priority issue due to its potential impact on system integrity and the widespread deployment of affected Lenovo software across enterprise and consumer environments.

Lenovo has released security patches for all affected applications and strongly recommends immediate updates. Users should update Lenovo PC Manager to version 5.1.110.5082 or higher, Lenovo Browser to version 9.0.6.5061 or higher, and Lenovo App Store to version 9.0.2230.0617 or higher. These applications are commonly pre-installed on Lenovo systems and are widely used across the company’s device ecosystem, including desktop computers, ThinkCentre workstations, laptops, and ThinkPad business notebooks.

Users can verify their current driver version by navigating to this location, right-clicking the lrtp.sys file, selecting Properties, then Details, and checking the file version information.
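The same driver version check can be scripted for use across many machines. The following PowerShell is an added example, not code from Lenovo or the original article. It assumes the fixed driver version 5.1.1110.4231 quoted in the CVE-2025-4657 description, and takes the path to lrtp.sys as a parameter because the article does not state the location; the function name is hypothetical.

```powershell
# Added example (not Lenovo's code). The driver path must be supplied by the
# operator: the article does not give the folder that holds lrtp.sys.
param(
    [Parameter(Mandatory = $true)]
    [string]$DriverPath   # placeholder, e.g. '<folder containing lrtp.sys>\lrtp.sys'
)

# Assumption: first fixed driver version, taken from the CVE-2025-4657
# description ("prior to version 5.1.1110.4231").
$FixedVersion = [version]'5.1.1110.4231'

function Get-LrtpDriverStatus {   # hypothetical helper name
    param([string]$Path, [version]$Fixed)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{
            Path = $Path; FileVersion = $null; Signature = $null; Status = 'NotFound'
        }
    }

    # Build the version from the numeric fields of the version resource;
    # the FileVersion string itself may carry extra text and fail to parse.
    $info = (Get-Item -LiteralPath $Path).VersionInfo
    $ver  = New-Object System.Version -ArgumentList `
        $info.FileMajorPart, $info.FileMinorPart, $info.FileBuildPart, $info.FilePrivatePart

    # Record the Authenticode status so an unsigned or tampered file stands out
    # even when its version number looks current.
    $sig = Get-AuthenticodeSignature -FilePath $Path

    $status = if ($ver -lt $Fixed) { 'Vulnerable' } else { 'Patched' }

    [pscustomobject]@{
        Path        = $Path
        FileVersion = $ver.ToString()
        Signature   = $sig.Status
        Status      = $status
    }
}

Get-LrtpDriverStatus -Path $DriverPath -Fixed $FixedVersion
```

A `Status` of `Vulnerable` means the file version is below the fixed driver version and the host still needs the application updates listed above.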

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 18 Jul 2025 12:15:19 +0000

