Vulnerabilities > Lenovo > System Update > 5.06.0043

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-8342 Time-Of-Check Time-Of-Use (Toctou) Race Condition vulnerability in Lenovo System Update
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
local
lenovo CWE-367
6.9
2020-03-27 CVE-2015-7336 Improper Verification of Cryptographic Signature vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
network
low complexity
lenovo CWE-347
5.0
2020-03-27 CVE-2015-7335 Race Condition vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
lenovo CWE-362
6.9
2020-03-27 CVE-2015-7334 Improper Privilege Management vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
low complexity
lenovo CWE-269
7.2
2020-03-27 CVE-2015-7333 Improper Privilege Management vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
low complexity
lenovo CWE-269
7.2
2019-09-26 CVE-2019-6175 Unspecified vulnerability in Lenovo System Update
A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations.
network
low complexity
lenovo
7.8
2019-06-26 CVE-2019-6163 Improper Resource Shutdown OR Release vulnerability in Lenovo System Update
A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.
network
low complexity
lenovo CWE-404
5.0
2018-05-04 CVE-2018-9063 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Lenovo System Update
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code.
local
low complexity
lenovo CWE-119
4.6