Lucene search

K
nvd[email protected]NVD:CVE-2020-8318
HistoryApr 14, 2020 - 9:15 p.m.

CVE-2020-8318

2020-04-1421:15:15
web.nvd.nist.gov
5

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges.

Affected configurations

Nvd
Node
lenovosystem_interface_foundationRange<2.0.0.92
VendorProductVersionCPE
lenovosystem_interface_foundation*cpe:2.3:a:lenovo:system_interface_foundation:*:*:*:*:*:*:*:*

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

Related for NVD:CVE-2020-8318