Privilege Escalation via Lenovo System Update Service

Privilege Escalation via Lenovo System Update Service

CVE-2015-6971 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.