CVE-2025-10237
6.7 MEDIUMDuring an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could...
Published: 2026-06-10 · Last updated: 2026-06-10
Severity and scoring
- CVSS
- 6.7 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-327
Description
During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-11481 — A vulnerability was determined in yoanbernabeu grepai up to 0.35.0 (2.5 LOW)
- CVE-2026-11479 — A vulnerability has been found in yoanbernabeu grepai 0.35.0 (4.2 MEDIUM)
- CVE-2026-46395 — HAX CMS helps manage microsite universe with PHP or NodeJs backends
- CVE-2026-11330 — A weakness has been identified in thedotmack claude-mem up to 11.0.1 (3.6 LOW)
- CVE-2026-11329 — A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0 (3.6 LOW)