System Interface Foundation
by Lenovo
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8223 | Hig | 0.51 | 7.8 | 0.00 | Nov 29, 2016 | During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges. | ||
| CVE-2020-8346 | 0.00 | — | 0.00 | Sep 15, 2020 | A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations. | |||
| CVE-2020-8319 | 0.00 | — | 0.00 | Apr 14, 2020 | A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges. | |||
| CVE-2020-8318 | 0.00 | — | 0.00 | Apr 14, 2020 | A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges. | |||
| CVE-2019-6189 | 0.00 | — | 0.00 | Nov 20, 2019 | A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL. | |||
| CVE-2019-6186 | 0.00 | — | 0.01 | Nov 20, 2019 | A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user. |
- risk 0.51cvss 7.8epss 0.00
During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.
- CVE-2020-8346Sep 15, 2020risk 0.00cvss —epss 0.00
A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations.
- CVE-2020-8319Apr 14, 2020risk 0.00cvss —epss 0.00
A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges.
- CVE-2020-8318Apr 14, 2020risk 0.00cvss —epss 0.00
A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with elevated privileges.
- CVE-2019-6189Nov 20, 2019risk 0.00cvss —epss 0.00
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL.
- CVE-2019-6186Nov 20, 2019risk 0.00cvss —epss 0.01
A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.