CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7334

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could allow a user to execute arbitrary code with elevated privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

Products affected by CVE-2015-7334

Lenovo » System Update » Version: N/A

cpe:2.3:a:lenovo:system_update:-
Lenovo » System Update » Version: 5.06.0027

cpe:2.3:a:lenovo:system_update:5.06.0027
Lenovo » System Update » Version: 5.06.0034

cpe:2.3:a:lenovo:system_update:5.06.0034
Lenovo » System Update » Version: 5.06.0043

cpe:2.3:a:lenovo:system_update:5.06.0043
Lenovo » System Update » Version: 5.07.0008

cpe:2.3:a:lenovo:system_update:5.07.0008

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7334

Products

Pricing

Contact Us