CVE-2025-8098

CWE-276 — Incorrect Default Permissions3 documents3 sources

Severity

8.5HIGH

EPSS

0.0%

top 95.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lenovo PC Manager Lenovo Pcmanager

Timeline

PublishedAug 18

Description

An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶NVDlenovo/pcmanager< 5.1.120.7041

▶CVEListV5lenovo/pc_manager< 5.1.120.7041

🔴Vulnerability Details

GHSA

GHSA-jj6m-4xx6-2vrf: An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges↗2025-08-18

▶

CVEList

CVE-2025-8098: An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges↗2025-08-18

▶