RSS   Vulnerabilities for 'System update'   RSS

2018-05-04
 
CVE-2018-9063

CWE-119
 

 
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.

 
2017-10-02
 
CVE-2015-6971

 

 
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables.

 
2015-05-12
 
CVE-2015-2234

 

 
Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.

 
 
CVE-2015-2233

 

 
Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle attackers to upload and execute arbitrary files via a crafted certificate.

 
 
CVE-2015-2219

 

 
Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses predictable security tokens, which allows local users to gain privileges by sending a valid token with a command to the System Update service (SUService.exe) through an unspecified named pipe.

 

 >>> Vendor: Lenovo 378 Products
Thinkpad
Access support
Automated solutions
Thinkvantage system update
Resuce and recovery
Veriface
Thinkpad bluetooth with enhanced data rate software
Usb enhanced performance keyboard
Thinkserver rd350
Thinkserver rd450
Thinkserver rd550
Thinkserver rd650
Thinkserver td350
Thinkserver rd350 firmware
Thinkserver rd450 firmware
Thinkserver rd550 firmware
Thinkserver rd650 firmware
Thinkserver td350 firmware
Thinkserver system manager baseboard management controller firmware
System update
Switch center
Shareit
Fingerprint manager
Touch fingerprint
Emc firmware
Accelerator application
Solution center
Bios efi driver
Ultraslim firmware
BIOS
System interface foundation
Thinkpad 10 ella 2 bios
Thinkpad 11e beema bios
Thinkpad 11e braswell bios
Thinkpad 11e broadwell bios
Thinkpad 11e skylake bios
Thinkpad 13e bios
Thinkpad e450 bios
Thinkpad e450c bios
Thinkpad e455 bios
Thinkpad e460 bios
Thinkpad e465 bios
Thinkpad e550 bios
Thinkpad e550c bios
Thinkpad e555 bios
Thinkpad e560 bios
Thinkpad e565 bios
Thinkpad edge e440 bios
Thinkpad edge e445 bios
Thinkpad edge e540 bios
Thinkpad edge e545 bios
Thinkpad helix 20cg bios
Thinkpad helix 20ch bios
Thinkpad l440 bios
Thinkpad l450 bios
Thinkpad l460 bios
Thinkpad l540 bios
Thinkpad l560 bios
Thinkpad p50 bios
Thinkpad p50s bios
Thinkpad p70 bios
Thinkpad s1 yoga 12 bios
Thinkpad s1 yoga non vpro bios
Thinkpad s1 yoga vpro bios
Thinkpad s3 s440 bios
Thinkpad s3 yoga 14 bios
Thinkpad s540 bios
Thinkpad s5 e560p bios
Thinkpad s5 yoga 15 bios
Thinkpad t440 bios
Thinkpad t440p bios
Thinkpad t440s bios
Thinkpad t440u bios
Thinkpad t450 bios
Thinkpad t450s bios
Thinkpad t460 bios
Thinkpad t460p bios
Thinkpad t460s bios
Thinkpad t540 bios
Thinkpad t540p bios
Thinkpad t550 bios
Thinkpad t560 bios
Thinkpad tablet 10 bios
Thinkpad tablet 8 bios
Thinkpad w540 bios
Thinkpad w541 bios
Thinkpad w550s bios
Thinkpad x140e amd bios
Thinkpad x1 carbon 20ax bios
Thinkpad x1 carbon 20bx bios
Thinkpad x1 carbon bios
Thinkpad x1 tablet bios
Thinkpad x1 yoga bios
Thinkpad x240 bios
Thinkpad x240s bios
Thinkpad x250 broadwell bios
Thinkpad x250 sharkbay bios
Thinkpad x260 bios
Thinkpad yoga 11e beema bios
Thinkpad yoga 11e bios
See all Products for Vendor Lenovo


Copyright 2018, cxsecurity.com

 

Back to Top