PT-2025-37259 · Lenovo +1 · Lenovo Dispatcher +1

Published

2025-09-11

·

Updated

2025-10-15

·

CVE-2025-8061

CVSS v3.1
7.0
VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Lenovo Dispatcher versions 3.0 and 3.1
Description An insufficient access control issue exists in Lenovo Dispatcher drivers used in some Lenovo consumer notebooks. This flaw could allow a local user with authentication to execute code with elevated privileges. The vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled, which is enabled by default on systems preloaded with Windows 11. Exploitation of this issue involves leveraging a driver's MSR read primitive to access kernel addresses and bypass security protections. The vulnerability is associated with the ability to perform Bring Your Own Vulnerable Driver (BYOVD) attacks, potentially used to kill Endpoint Detection and Response (EDR) systems.
Recommendations Lenovo Dispatcher version 3.0: Update to a newer version. Lenovo Dispatcher version 3.1: Update to a newer version. Enable the Windows feature Core Isolation Memory Integrity to mitigate the risk.

Fix

LPE

Weakness Enumeration

Related Identifiers

CVE-2025-8061

Affected Products

Lenovo Dispatcher
Windows 11