CVE-2019-6175 — Lenovo System Update vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 31.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lenovo System Update

Timeline

PublishedSep 26

Latest updateMay 24

Description

A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5lenovo/system_updateunspecified — 5.07.0088

▶NVDlenovo/system_update< 5.07.0088

Patches

Patch: support.lenovo.com ↗Patch: support.lenovo.com ↗

🔴Vulnerability Details

GHSA

GHSA-qw9h-4855-wwrh: A denial of service vulnerability was reported in Lenovo System Update versions prior to 5↗2022-05-24

▶

CVEList

System Update Vulnerability↗2019-09-26

▶