Lenovo PC Manager lets local users kill important system processes

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.8

Lenovo PC Manager lets local users kill important system processes

CVE-2026-2640

Summary

If an attacker has local access to a Lenovo PC with PC Manager installed, they can potentially shut down critical system processes, disrupting the computer's functionality. This is a concern because it could allow an attacker to gain more control over the system or cause inconvenience to the user. Lenovo has likely already addressed this issue in a recent update, so it's essential to keep Lenovo PC Manager up to date to prevent this vulnerability.

Original title

During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes.

Original description

During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes.

nvd CVSS3.1 5.5

nvd CVSS4.0 6.8

Vulnerability type

CWE-269 Improper Privilege Management

https://iknow.lenovo.com.cn/detail/438816

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026