Temporary Administrator Account Vulnerability in Lenovo System Update
CVE-2015-8109
7HIGH
What is CVE-2015-8109?
Lenovo System Update, also known as ThinkVantage System Update, prior to version 5.07.0019 contains a vulnerability that allows local users to exploit predictable temporary account credentials to gain administrative privileges. This occurs when an attacker accurately predicts the creation time of the tvsu_tmp_xxxxxXXXXX account, enabling unauthorized access and potential system compromise.