Note:
This project will be discontinued after December 13, 2021. [more]
Product:
System_update
(Lenovo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-05-01 | CVE-2022-4568 | A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges. | System_update | 7.0 | ||
| 2020-09-15 | CVE-2020-8342 | A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege. | System_update | 7.0 | ||
| 2022-04-22 | CVE-2022-0354 | A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window. | System_update | 7.8 | ||
| 2023-11-08 | CVE-2023-4632 | An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges. | System_update | 7.8 | ||
| 2020-03-27 | CVE-2015-7336 | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed. | System_update | N/A |