CVE-2016-8223
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.
Durante una revisión de seguridad interna, Lenovo identificó una vulnerabilidad de escalamiento de privilegios local en el software Lenovo System Interface Foundation instalado en algunos PCs con Windows 10 donde un usuario con privilegios locales podía ejecutar código arbitrario con privilegios de nivel administrador.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-09-16 CVE Reserved
- 2016-11-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/94597 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN_10150 | 2016-12-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | System Interface Foundation Search vendor "Lenovo" for product "System Interface Foundation" | <= 1.0.66.0 Search vendor "Lenovo" for product "System Interface Foundation" and version " <= 1.0.66.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | x64 |
Safe
|
| Lenovo Search vendor "Lenovo" | System Interface Foundation Search vendor "Lenovo" for product "System Interface Foundation" | <= 1.0.66.0 Search vendor "Lenovo" for product "System Interface Foundation" and version " <= 1.0.66.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | - | x86 |
Safe
|