Bypassing Signature Check in Lenovo System Update

Bypassing Signature Check in Lenovo System Update

CVE-2015-7336 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.

Learn more about our Web Application Penetration Testing UK.