HIGH🇬🇧 English

CVE-2015-7336

CVSS 7.5v3.1pub. 2020-03-27upd. 2024-11-21

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Lenovo System Update

    APP
    Lenovo
    ≤ 5.07.0008
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-4632HIGH7.8ten sam produkt

An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker wi...

CVE-2022-4568HIGH7.0ten sam produkt

A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.

CVE-2022-0354HIGH7.3ten sam produkt

A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system acc...

CVE-2020-8342HIGH7.3ten sam produkt

A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allo...

CVE-2015-7335HIGH7.0ten sam produkt

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was repor...