Privilege Escalation Vulnerability in Lenovo System Update
CVE-2015-6971
7.8HIGH
What is CVE-2015-6971?
A vulnerability in Lenovo System Update allows local users to submit arbitrary commands to the SUService.exe, potentially leading to unauthorized privilege escalation. This occurs when signed Lenovo executables are launched, providing a pathway for malicious users to gain elevated access within the system. Security updates are recommended to mitigate the risks associated with this flaw.