CVE-2016-2393

Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified (1) services and (2) files, which allows local users to gain privileges by invalidating local checks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
lenovofingerprint_manager
𝑥
≤ 8.01.56
lenovotouch_fingerprint
𝑥
≤ 1.00.07
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.lenovo.com/us/en/product_security/len_4282
https://support.lenovo.com/us/en/product_security/len_4282