CVE-2015-2233
published 2015-05-12CVE-2015-2233: Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows…
high8.3CVSS 3.1
AVAACLAuNCCICAC
Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle attackers to upload and execute arbitrary files via a crafted certificate.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | system_update | <= 5.06.0027 | — |