Lenovo: >> System Update >> 5.06.0034 Security Vulnerabilities
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-05-04
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-03
Page 2