Lenovo Virtual Bus Driver DividebyZero Vulnerability (CVE20261653)
CVE-2026-1653 Published on March 11, 2026

A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error.

NVD

Vulnerability Analysis

CVE-2026-1653 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

Divide By Zero

The product divides a value by zero. This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.


Products Associated with CVE-2026-1653

Want to know whenever a new CVE is published for Lenovo Smart Connect? stack.watch will email you.

Lenovo Smart Connect
 

Affected Versions

Lenovo Smart Connect:

Exploit Probability

EPSS
0.01%
Percentile
2.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.