Main
Vulnerability Database
Exploits
ID:12076 - Exploit for Incorrect default permissions in Lenovo products - CVE-2025-0886
ID:12076 - Exploit for Incorrect default permissions in Lenovo products - CVE-2025-0886
Published: November 7, 2025
Vulnerability identifier: #VU113352
Vulnerability risk: Low
CVE-ID: CVE-2025-0886
CWE-ID: CWE-276
Exploitation vector: Local access
Vulnerable software:
ThinkPad P1 Gen 6 21FV
ThinkPad P1 Gen 6 21FW
ThinkPad P1 Gen 7 21KV
ThinkPad P1 Gen 7 21KW
ThinkPad P14s Gen 4 21HF
ThinkPad P14s Gen 4 21HG
ThinkPad P14s Gen 4 21K5
ThinkPad P14s Gen 4 21K6
ThinkPad P14s Gen 5 21G2
ThinkPad P14s Gen 5 21G3
ThinkPad P14s Gen 5 21ME
ThinkPad P14s Gen 5 21MF
ThinkPad P16 Gen 2 21FA
ThinkPad P16 Gen 2 21FB
ThinkPad P16s Gen 2 21HK
ThinkPad P16s Gen 2 21HL
ThinkPad P16s Gen 2 21K9
ThinkPad P16s Gen 2 21KA
ThinkPad P16s Gen 3 21KS
ThinkPad P16s Gen 3 21KT
ThinkPad P16v Gen 1 21FC
ThinkPad P16v Gen 1 21FD
ThinkPad P16v Gen 1 21FE
ThinkPad P16v Gen 1 21FF
ThinkPad P16v Gen 2 21KX
ThinkPad P16v Gen 2 21KY
ThinkPad T14 Gen 3 21AH
ThinkPad T14 Gen 3 21AJ
ThinkPad T14 Gen 3 21CF
ThinkPad T14 Gen 3 21CG
ThinkPad T14 Gen 4 21HD
ThinkPad T14 Gen 4 21HE
ThinkPad T14 Gen 4 21K3
ThinkPad T14 Gen 4 21K4
ThinkPad T14 Gen 5 21MC
ThinkPad T14 Gen 5 21MD
ThinkPad T14 Gen 5 21ML
ThinkPad T14 Gen 5 21MM
ThinkPad T14s Gen 4 21F6
ThinkPad T14s Gen 4 21F7
ThinkPad T14s Gen 4 21F8
ThinkPad T14s Gen 4 21F9
ThinkPad T14s Gen 5 21LS
ThinkPad T14s Gen 5 21LT
ThinkPad T14s Gen 6 21M1
ThinkPad T14s Gen 6 21M2
ThinkPad T16 Gen 2 21HH
ThinkPad T16 Gen 2 21HJ
ThinkPad T16 Gen 2 21K7
ThinkPad T16 Gen 2 21K8
ThinkPad T16 Gen 3 21MN
ThinkPad T16 Gen 3 21MQ
ThinkPad X1 2-in-1 Gen 9 21KE
ThinkPad X1 2-in-1 Gen 9 21KF
ThinkPad X1 Carbon 12th Gen 21KC
ThinkPad X1 Carbon 12th Gen 21KD
ThinkPad X13 2-in-1 Gen 5 21LW
ThinkPad X13 2-in-1 Gen 5 21LX
ThinkPad X13 Gen 4 21EX
ThinkPad X13 Gen 4 21EY
ThinkPad X13 Gen 4 21J3
ThinkPad X13 Gen 4 21J4
ThinkPad X13 Gen 5 21LU
ThinkPad X13 Gen 5 21LV
ThinkPad X13 Yoga Gen 4 21F2
ThinkPad X13 Yoga Gen 4 21F3
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 21H2 or later) - ThinkPad P1 Gen 6 (Type 21FV, 21FW)
Elliptic Human Presence Detection Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P1 Gen 7 (Type 21KV, 21KW)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 21H2 or later) - ThinkPad
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later) 10 (Version 22H2 or later) - ThinkPad P14s Gen 4 (Type 21K5, 21K6), T14 Gen 4 (Type 21K3, 21K4)
Elliptic Human Presence Detection Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21G2, 21G3), P16s Gen 3 (Type 21KS, 21KT)
Elliptic Human Presence Detection Device Driver for Windows 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21ME, 21MF), T14 Gen 5 (Type 21MC, 21MD)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21ME, 21MF), T14 Gen 5 (Type 21MC, 21MD)
Elliptic Human Presence detection Device Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16 Gen 2 (Type 21FA, 21FB)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later) 10 (Version 22H2 or later) - ThinkPad P16s Gen 2 (Type 21K9, 21KA), T16 Gen 2 (Type 21K7 21K8)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 1 (Type 21FC, 21FD)
Elliptic Human Presence Detection Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 1 (Type 21FE, 21FF)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 2 (Type 21KX, 21KY)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 20H2 or later) - ThinkPad T14 Gen 3 (Type 21AH, 21AJ)
Elliptic Virtual Lock Sensor service for Windows 11 (Version 21H2 or Later), 10 64-bit (Version 20H2 or Later) - ThinkPad T14 Gen 3 (Type 21CF, 21CG)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 22H2 or later) - ThinkPad T14s Gen 4 (Type 21F8, 21F9)
Elliptic Human Presence Detection driver for Windows 11 (Version 23H2 or later) - ThinkPad T14s Gen 6 (Type 21M1, 21M2)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad X1 Carbon 12th Gen (Type 21KC, 21KD), X1 2-in-1 Gen 9 (Type 21KE, 21KF)
Elliptic Virtual Lock Sensor for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad X13 Gen 4 (Type 21EX, 21EY), X13 Yoga Gen 4 (Type 21F2, 21F3)
Elliptic Human Presence Detection Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H1 or later) - ThinkPad X13 Gen 4 (Type 21J3, 21J4)
ThinkPad P1 Gen 6 21FV
ThinkPad P1 Gen 6 21FW
ThinkPad P1 Gen 7 21KV
ThinkPad P1 Gen 7 21KW
ThinkPad P14s Gen 4 21HF
ThinkPad P14s Gen 4 21HG
ThinkPad P14s Gen 4 21K5
ThinkPad P14s Gen 4 21K6
ThinkPad P14s Gen 5 21G2
ThinkPad P14s Gen 5 21G3
ThinkPad P14s Gen 5 21ME
ThinkPad P14s Gen 5 21MF
ThinkPad P16 Gen 2 21FA
ThinkPad P16 Gen 2 21FB
ThinkPad P16s Gen 2 21HK
ThinkPad P16s Gen 2 21HL
ThinkPad P16s Gen 2 21K9
ThinkPad P16s Gen 2 21KA
ThinkPad P16s Gen 3 21KS
ThinkPad P16s Gen 3 21KT
ThinkPad P16v Gen 1 21FC
ThinkPad P16v Gen 1 21FD
ThinkPad P16v Gen 1 21FE
ThinkPad P16v Gen 1 21FF
ThinkPad P16v Gen 2 21KX
ThinkPad P16v Gen 2 21KY
ThinkPad T14 Gen 3 21AH
ThinkPad T14 Gen 3 21AJ
ThinkPad T14 Gen 3 21CF
ThinkPad T14 Gen 3 21CG
ThinkPad T14 Gen 4 21HD
ThinkPad T14 Gen 4 21HE
ThinkPad T14 Gen 4 21K3
ThinkPad T14 Gen 4 21K4
ThinkPad T14 Gen 5 21MC
ThinkPad T14 Gen 5 21MD
ThinkPad T14 Gen 5 21ML
ThinkPad T14 Gen 5 21MM
ThinkPad T14s Gen 4 21F6
ThinkPad T14s Gen 4 21F7
ThinkPad T14s Gen 4 21F8
ThinkPad T14s Gen 4 21F9
ThinkPad T14s Gen 5 21LS
ThinkPad T14s Gen 5 21LT
ThinkPad T14s Gen 6 21M1
ThinkPad T14s Gen 6 21M2
ThinkPad T16 Gen 2 21HH
ThinkPad T16 Gen 2 21HJ
ThinkPad T16 Gen 2 21K7
ThinkPad T16 Gen 2 21K8
ThinkPad T16 Gen 3 21MN
ThinkPad T16 Gen 3 21MQ
ThinkPad X1 2-in-1 Gen 9 21KE
ThinkPad X1 2-in-1 Gen 9 21KF
ThinkPad X1 Carbon 12th Gen 21KC
ThinkPad X1 Carbon 12th Gen 21KD
ThinkPad X13 2-in-1 Gen 5 21LW
ThinkPad X13 2-in-1 Gen 5 21LX
ThinkPad X13 Gen 4 21EX
ThinkPad X13 Gen 4 21EY
ThinkPad X13 Gen 4 21J3
ThinkPad X13 Gen 4 21J4
ThinkPad X13 Gen 5 21LU
ThinkPad X13 Gen 5 21LV
ThinkPad X13 Yoga Gen 4 21F2
ThinkPad X13 Yoga Gen 4 21F3
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 21H2 or later) - ThinkPad P1 Gen 6 (Type 21FV, 21FW)
Elliptic Human Presence Detection Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P1 Gen 7 (Type 21KV, 21KW)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 21H2 or later) - ThinkPad
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later) 10 (Version 22H2 or later) - ThinkPad P14s Gen 4 (Type 21K5, 21K6), T14 Gen 4 (Type 21K3, 21K4)
Elliptic Human Presence Detection Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21G2, 21G3), P16s Gen 3 (Type 21KS, 21KT)
Elliptic Human Presence Detection Device Driver for Windows 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21ME, 21MF), T14 Gen 5 (Type 21MC, 21MD)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P14s Gen 5 (Type 21ME, 21MF), T14 Gen 5 (Type 21MC, 21MD)
Elliptic Human Presence detection Device Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16 Gen 2 (Type 21FA, 21FB)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later) 10 (Version 22H2 or later) - ThinkPad P16s Gen 2 (Type 21K9, 21KA), T16 Gen 2 (Type 21K7 21K8)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 1 (Type 21FC, 21FD)
Elliptic Human Presence Detection Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 1 (Type 21FE, 21FF)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad P16v Gen 2 (Type 21KX, 21KY)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 21H2 or later), 10 64-bit (Version 20H2 or later) - ThinkPad T14 Gen 3 (Type 21AH, 21AJ)
Elliptic Virtual Lock Sensor service for Windows 11 (Version 21H2 or Later), 10 64-bit (Version 20H2 or Later) - ThinkPad T14 Gen 3 (Type 21CF, 21CG)
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad
Elliptic Human Presence Detection Device Driver for Windows 11 (Version 22H2 or later), 10 (Version 22H2 or later) - ThinkPad T14s Gen 4 (Type 21F8, 21F9)
Elliptic Human Presence Detection driver for Windows 11 (Version 23H2 or later) - ThinkPad T14s Gen 6 (Type 21M1, 21M2)
Elliptic Virtual Lock Sensor Service for Windows 11 (Version 22H2 or later), 10 (Version 21H2 or later) - ThinkPad X1 Carbon 12th Gen (Type 21KC, 21KD), X1 2-in-1 Gen 9 (Type 21KE, 21KF)
Elliptic Virtual Lock Sensor for Windows 11 (Version 21H2 or later), 10 (Version 21H2 or later) - ThinkPad X13 Gen 4 (Type 21EX, 21EY), X13 Yoga Gen 4 (Type 21F2, 21F3)
Elliptic Human Presence Detection Driver for Windows 11 (Version 21H2 or later), 10 (Version 21H1 or later) - ThinkPad X13 Gen 4 (Type 21J3, 21J4)
Link to public exploit:
Vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for files and folders in in Elliptic Labs Virtual Lock Sensor. A local user with access to the system can view contents of files and directories or modify them.
Remediation
Install updates from vendor's website.