First published: Fri Mar 27 2020(Updated: )
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could allow a user to execute arbitrary code with elevated privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo System Update | <=5.07.0008 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Lenovo System Update vulnerability is CVE-2015-7334.
CVE-2015-7334 has a severity rating of 7.8 (high).
The affected software version for CVE-2015-7334 is Lenovo System Update version 5.07.0008 and prior.
This vulnerability can be exploited by using the SUService.exe /type COMMAND type.
You can find more information about CVE-2015-7334 at https://support.lenovo.com/us/en/product_security/lsu_privilege.