Описание
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables.
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.06.0034 (включая)
cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00119
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables.
EPSS
Процентиль: 31%
0.00119
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-77