Skip to main content

Pcmanager CVE-2025-2501

HIGH
Untrusted Search Path (CWE-426)
2025-05-30 psirt@lenovo.com
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:44 vuln.today
CVE Published
May 30, 2025 - 20:15 nvd
HIGH 8.5

DescriptionCVE.org

An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.

AnalysisAI

An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-426. An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges. Affected products include: Lenovo Pcmanager.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-63946 HIGH POC
7.4 Feb 23

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables

CVE-2022-1513 HIGH
8.8 Aug 23

A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution wh

CVE-2025-2502 HIGH
8.5 May 30

An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to ele

CVE-2022-0192 HIGH
7.8 Apr 22

A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege

CVE-2021-3550 HIGH
7.8 Jul 16

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privil

CVE-2021-3464 HIGH
7.8 Apr 27

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privil

CVE-2020-8351 HIGH
7.8 Nov 30

A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an a

CVE-2020-1817 HIGH
7.8 Apr 30

Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Rated high severity (CVS

CVE-2020-1844 HIGH
7.8 Feb 28

PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. R

CVE-2019-5223 HIGH
7.8 Aug 13

PCManager 9.1.3.1 has an improper authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no

CVE-2019-5242 HIGH
7.8 Jun 06

There is a code execution vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. Rated high severit

CVE-2019-5241 HIGH
7.8 Jun 06

There is a privilege escalation vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. Rated high s

Share

CVE-2025-2501 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy