Lenovo: >> System Update >> 5.06.0034 Security Vulnerabilities
An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-08
A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.
CVSS Score
7.0
EPSS Score
0.001
Published
2023-05-01
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.
CVSS Score
7.3
EPSS Score
0.002
Published
2022-04-22
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
CVSS Score
7.3
EPSS Score
0.0
Published
2020-09-15
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMPATIBLE_ID command types could allow a user to execute arbitrary code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-03-27
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could allow a user to execute arbitrary code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-03-27
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.
CVSS Score
7.0
EPSS Score
0.0
Published
2020-03-27
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-03-27
A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-09-26
A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-06-26
Page 1