Lenovo System Update Security Vulnerabilities
An uncontrolled search path vulnerability was reported in Lenovo System Update that could allow an attacker with local access to execute code with elevated...
7.8CVSS
7.6AI Score
0.0004EPSS
A directory permissions management vulnerability in Lenovo System Update may allow elevation of...
7.8CVSS
7.5AI Score
0.0004EPSS
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary...
7.8CVSS
7.6AI Score
0.0004EPSS
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administrator account...
7CVSS
7.1AI Score
0.0004EPSS
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local....
7.8CVSS
7.7AI Score
0.0004EPSS
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary...
8.1CVSS
8.4AI Score
0.006EPSS