CVE-2016-8223

Summary

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.

Affected Software

VendorProductVersion RangeStatus
Lenovo Group Ltd.All ThinkPad, ThinkCentre, ThinkStation and Lenovo-branded systems preloaded with the Windows 10 operating system, or any system running Lenovo Companion, Lenovo Settings, or Lenovo ID.1.0.66.0 and earlieraffected

Weaknesses

  • Lenovo System Interface Foundation Privilege Escalation?

ADP Enrichment

CVE Program Container

Additional References

References