This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by
The version of Lenovo System Update installed on the remote host is
prior to 5.06.0034. It is, therefore, affected by the following
- A flaw exists in SUService.exe (System Update service)
due to generating security tokens for a named pipe in a
predictable manner. A local attacker, by sending a valid
token, can exploit this flaw to execute commands to gain
elevated privileges. (CVE-2015-2219)
- A flaw exists due to a failure to properly validate the
certificate authority chain when downloading updates. A
man-in-the-middle attacker, using a crafted certificate,
can exploit this flaw to inject malicious updates,
thereby allowing the execution of arbitrary files.
- A flaw exists due to signature validation for updates
occurring in a directory having world-writeable
permissions. This can allow a local attacker to swap the
update before it is installed and thereby gain elevated
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Lenovo System Update 5.06.0034 or later.
Risk factor :
High / CVSS Base Score : 8.3
CVSS Temporal Score : 6.5
Public Exploit Available : true