Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo lenovo system update vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-4632
An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges.
Lenovo System Update
7.1
CVSSv3
CVE-2022-3702
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and previous versions that could allow a local malicious user to delete contents of an arbitrary directory under certain conditions.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
6.3
CVSSv3
CVE-2022-3700
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and previous versions that could allow a local malicious user to delete arbitrary files.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
7.8
CVSSv3
CVE-2022-3701
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and previous versions that could allow a local malicious user to execute arbitrary code with elevated privileges.
Lenovo System Update Plugin
Lenovo Hardware Scan Plugin
Lenovo Hardware Scan Addin
7.8
CVSSv3
CVE-2022-4568
A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.
Lenovo System Update
7.8
CVSSv3
CVE-2022-0354
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released prior to 2022-02-25 that displays a command prom...
Lenovo System Update
7
CVSSv3
CVE-2020-8342
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
Lenovo System Update
7.8
CVSSv3
CVE-2015-7333
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMP...
Lenovo System Update
7.8
CVSSv3
CVE-2015-7334
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could ...
Lenovo System Update
7
CVSSv3
CVE-2015-7335
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.
Lenovo System Update
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »