Vulnerabilities > Lenovo > System Update > 5.07.0013
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-4632 | Unspecified vulnerability in Lenovo System Update An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges. | 7.8 |
| 2023-05-01 | CVE-2022-4568 | Incorrect Default Permissions vulnerability in Lenovo System Update A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges. | 7.0 |
| 2022-04-22 | CVE-2022-0354 | Unspecified vulnerability in Lenovo System Update A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window. | 7.8 |
| 2020-09-15 | CVE-2020-8342 | Race Condition vulnerability in Lenovo System Update A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege. | 7.0 |
| 2019-09-26 | CVE-2019-6175 | Unspecified vulnerability in Lenovo System Update A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations. | 7.5 |
| 2019-06-26 | CVE-2019-6163 | Improper Resource Shutdown or Release vulnerability in Lenovo System Update A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations. | 7.5 |
| 2018-05-04 | CVE-2018-9063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lenovo System Update MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. | 7.8 |