CVE-2015-8109

Severity CVSS v4.0:
Pending analysis
Type:
CWE-255 Credentials Management
Publication date:
24/04/2017
Last modified:
20/04/2025

Description

Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administrator account vulnerability."

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:lenovo:lenovo_system_update:*:*:*:*:*:*:*:* 5.07.0013 (including)