Sign-up

ID

VAR-201505-0140


CVE

CVE-2015-2233


TITLE

Lenovo System Update Vulnerable to uploading arbitrary files

Trust: 0.8

sources: JVNDB: JVNDB-2015-002673

DESCRIPTION

Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle attackers to upload and execute arbitrary files via a crafted certificate. Lenovo System Update is prone to a security-bypass vulnerability. Attackers can exploit this issue through man-in-the-middle attacks to execute arbitrary code, which may lead to further attacks. Versions prior to Lenovo System Update 5.6.0.27 are vulnerable. Lenovo System Update (formerly known as ThinkVantage System Update) is a set of system automatic update tools provided by China Lenovo (Lenovo), which includes device driver updates, Windows system patch updates, etc. The vulnerability stems from the fact that the program does not verify the CA chain correctly when performing signature verification operations

Trust: 1.98

sources: NVD: CVE-2015-2233 // JVNDB: JVNDB-2015-002673 // BID: 74642 // VULHUB: VHN-80194

AFFECTED PRODUCTS

vendor:lenovomodel:system updatescope:lteversion:5.06.0027

Trust: 1.0

vendor:lenovomodel:system updatescope:ltversion:5.06.0034

Trust: 0.8

vendor:lenovomodel:system updatescope:eqversion:5.06.0027

Trust: 0.6

vendor:lenovomodel:system updatescope:eqversion:5.6.0.27

Trust: 0.3

vendor:lenovomodel:system updatescope:neversion:5.6.34

Trust: 0.3

sources: BID: 74642 // JVNDB: JVNDB-2015-002673 // CNNVD: CNNVD-201505-102 // NVD: CVE-2015-2233

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-2233
value: HIGH

Trust: 1.0

NVD: CVE-2015-2233
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201505-102
value: HIGH

Trust: 0.6

VULHUB: VHN-80194
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-2233
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-80194
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-80194 // JVNDB: JVNDB-2015-002673 // CNNVD: CNNVD-201505-102 // NVD: CVE-2015-2233

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

sources: VULHUB: VHN-80194 // JVNDB: JVNDB-2015-002673 // NVD: CVE-2015-2233

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201505-102

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201505-102

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002673

PATCH
title:LEN-2015-011url:http://support.lenovo.com/us/en/product_security/lsu_privilege
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-002673

EXTERNAL IDS
db:NVDid:CVE-2015-2233
Trust: 2.8
db:SECTRACKid:1032268
Trust: 1.7
db:BIDid:74642
Trust: 1.4
db:JVNDBid:JVNDB-2015-002673
Trust: 0.8
db:CNNVDid:CNNVD-201505-102
Trust: 0.7
db:VULHUBid:VHN-80194
Trust: 0.1
sources:
            
            
            VULHUB: VHN-80194 // 
            
            
            
            BID: 74642 // 
            
            
            
            JVNDB: JVNDB-2015-002673 // 
            
            
            
            CNNVD: CNNVD-201505-102 // 
            
            
            
            NVD: CVE-2015-2233

REFERENCES
url:http://support.lenovo.com/us/en/product_security/lsu_privilege
Trust: 2.0
url:http://www.ioactive.com/pdfs/lenovo_system_update_multiple_privilege_escalations.pdf
Trust: 2.0
url:http://securitytracker.com/id/1032268
Trust: 1.7
url:http://www.securityfocus.com/bid/74642
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2233
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2233
Trust: 0.8
url:http://www.lenovo.com/ca/en/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-80194 // 
            
            
            
            BID: 74642 // 
            
            
            
            JVNDB: JVNDB-2015-002673 // 
            
            
            
            CNNVD: CNNVD-201505-102 // 
            
            
            
            NVD: CVE-2015-2233

CREDITS
Michael Milvich and Sofiane Talmat of IOActive
Trust: 0.3
sources:
            
            
            BID: 74642

SOURCES
db:VULHUBid:VHN-80194
db:BIDid:74642
db:JVNDBid:JVNDB-2015-002673
db:CNNVDid:CNNVD-201505-102
db:NVDid:CVE-2015-2233

LAST UPDATE DATE
2024-11-23T21:44:17.954000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-80194date:2016-12-03T00:00:00
db:BIDid:74642date:2015-05-12T00:00:00
db:JVNDBid:JVNDB-2015-002673date:2015-05-18T00:00:00
db:CNNVDid:CNNVD-201505-102date:2015-05-15T00:00:00
db:NVDid:CVE-2015-2233date:2024-11-21T02:27:02.663

SOURCES RELEASE DATE
db:VULHUBid:VHN-80194date:2015-05-12T00:00:00
db:BIDid:74642date:2015-05-12T00:00:00
db:JVNDBid:JVNDB-2015-002673date:2015-05-18T00:00:00
db:CNNVDid:CNNVD-201505-102date:2015-05-13T00:00:00
db:NVDid:CVE-2015-2233date:2015-05-12T19:59:14.070