First published: Fri Mar 27 2020(Updated: )
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMPATIBLE_ID command types could allow a user to execute arbitrary code with elevated privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo System Update | <=5.07.0008 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-7333 is a local privilege escalation vulnerability in Lenovo System Update version 5.07.0008 and prior.
CVE-2015-7333 has a severity rating of 7.8, which is considered high.
To fix CVE-2015-7333, you should update Lenovo System Update to version 5.07.0009 or later.
You can find additional information about CVE-2015-7333 at the following reference: https://support.lenovo.com/us/en/product_security/lsu_privilege
The CWE ID for CVE-2015-7333 is 269.