Privilege Escalation via Race Condition in Lenovo System Update
CVE-2015-2234 · MEDIUM Severity
AV:L/AC:M/AU:N/C:C/I:C/A:C
Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated.
Learn more about our User Device Pen Test.