CVE-2019-6175
System Update Vulnerability
In short
Lenovo System Update versions before 5.07.0088 have a flaw that allows denial of service attacks by writing configuration files to unexpected locations on the system. This can disrupt normal system operation and cause the software to malfunction.
Technical detail
A path traversal vulnerability in Lenovo System Update <5.07.0088 permits unauthenticated attackers to write configuration files to arbitrary locations, potentially overwriting critical system files or causing application failures. The vulnerability requires local or network-based write access to trigger the malicious configuration file placement.
Summary generated and translated by AI from the official description.
A denial of service vulnerability was reported in Lenovo System Update versions prior to 5.07.0088 that could allow configuration files to be written to non-standard locations.
Affected products
Lenovo · System UpdateWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →