Vulnerability Description
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Customer Care Software Development Kit | <= 2.0.16 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97543Third Party AdvisoryVDB Entry
- https://support.lenovo.com/us/en/solutions/LEN-11340Vendor Advisory
- http://www.securityfocus.com/bid/97543Third Party AdvisoryVDB Entry
- https://support.lenovo.com/us/en/solutions/LEN-11340Vendor Advisory
FAQ
What is CVE-2016-8235?
CVE-2016-8235 is a vulnerability with a CVSS score of 7.8 (HIGH). Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.
How severe is CVE-2016-8235?
CVE-2016-8235 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8235?
Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Customer Care Software Development Kit.