Unquoted Service Path Vulnerability in ElanTech Touchpad Driver for Lenovo Notebooks

Unquoted Service Path Vulnerability in ElanTech Touchpad Driver for Lenovo Notebooks

CVE-2017-3757 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

Learn more about our Web Application Penetration Testing UK.