CVE-2015-8110
Description
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local privilege escalation vulnerability."
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.051
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-8109,CVE-2015-8110 are affected in Lenovo System Update 5.07.0013 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-340314 | Lenovo System Update (5.08.03.59) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234