PT-2016-5153 · Lenovo · Lenovo Touch Fingerprint+1

Published

2016-04-11

Updated

2016-04-14

CVE-2016-2393

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lenovo Fingerprint Manager versions prior to 8.01.57 Lenovo Touch Fingerprint versions prior to 1.00.08

Description The issue allows local users to gain privileges by invalidating local checks due to weak ACLs used for unspecified services and files.

Recommendations For Lenovo Fingerprint Manager versions prior to 8.01.57, update to version 8.01.57 or later. For Lenovo Touch Fingerprint versions prior to 1.00.08, update to version 1.00.08 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2016-2393

Affected Products

Lenovo Fingerprint Manager

Lenovo Touch Fingerprint

PT-2016-5153 · Lenovo · Lenovo Touch Fingerprint+1

CVE-2016-2393

Weakness Enumeration

Related Identifiers

Affected Products

References · 3