Privilege Escalation Vulnerability in Lenovo Transition Application for Lenovo Yoga, Flex, and Miix Devices
CVE-2016-8227

7.8HIGH

Key Information:

Vendor: Lenovo
Status: Transition Application
Vendor: CVE Published:; 26 January 2017

What is CVE-2016-8227?

A vulnerability exists in the Lenovo Transition application that allows local users of affected Lenovo Yoga, Flex, and Miix systems running Windows to execute arbitrary code with elevated privileges. This could enable unauthorized changes to the system, potentially compromising data integrity and exposing users to further attacks. Proper updates and security measures are recommended to mitigate this risk.

Affected Version(s)

Transition application all versions

References

http://www.securityfocus.com/bid/95159

vdb-entryx_refsource_BID

https://support.lenovo.com/us/en/product_security/LEN-12508

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 26, 2017
Vulnerability Reserved
Sep 16, 2016

CVE-2016-8227 Data

JSON