Vulnerabilities > Lenovo > System Update > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-08 CVE-2023-4632 Uncontrolled Search Path Element vulnerability in Lenovo System Update
An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2023-05-01 CVE-2022-4568 Incorrect Default Permissions vulnerability in Lenovo System Update
A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges.
local
low complexity
lenovo CWE-276
7.8
2022-04-22 CVE-2022-0354 Unspecified vulnerability in Lenovo System Update
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.
local
low complexity
lenovo
7.8
2020-09-15 CVE-2020-8342 Race Condition vulnerability in Lenovo System Update
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
local
high complexity
lenovo CWE-362
7.0
2020-03-27 CVE-2015-7336 Improper Verification of Cryptographic Signature vulnerability in Lenovo System Update
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
network
low complexity
lenovo CWE-347
7.5
2020-03-27 CVE-2015-7335 Race Condition vulnerability in Lenovo System Update
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
high complexity
lenovo CWE-362
7.0
2020-03-27 CVE-2015-7334 Improper Privilege Management vulnerability in Lenovo System Update
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
low complexity
lenovo CWE-269
7.8
2020-03-27 CVE-2015-7333 Improper Privilege Management vulnerability in Lenovo System Update
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA.
local
low complexity
lenovo CWE-269
7.8
2019-09-26 CVE-2019-6175 Unspecified vulnerability in Lenovo System Update
A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations.
network
low complexity
lenovo
7.5
2019-06-26 CVE-2019-6163 Improper Resource Shutdown or Release vulnerability in Lenovo System Update
A denial of service vulnerability was reported in Lenovo System Update before version 5.07.0084 that could allow service log files to be written to non-standard locations.
network
low complexity
lenovo CWE-404
7.5