Lenovo’s System Update Software (Lenovo Solution Center) is a nightmare from a security point of view. In recent months we have seen several vulnerabilities in it, and now a new critical security flaw has been discovered in Lenovo Solution Center.
Martin Rakhmanov from Trustwave discovered the vulnerability CVE-2015-6971 in Lenovo Solution Center months ago and informed Lenovo in mid-January 2016. As digitaltrends.com writes here, a normal unprivileged user may run code as an administrator. It was tested with Lenovo Solution Center version 2.8.006, but all versions prior to 3.3.0002 are affected.
A user with normal privileges can open a command prompt window and launch the Lenovo Solution Center service, or launch Lenovo System Health and Diagnostics via Control Panel. Afterward it is possible to open Device Manager running as LocalSystem. This allows such a user to install drivers, or to use a dummy .inf file to install malicious DLL files.
Martin Rakhmanov has provided more details about this vulnerability within this blog post. Lenovo has provided a warning page and released Lenovo Solution Center 3.3.002 on April 26, 2016. Lenovo recommends that users update Lenovo Solution Center as soon as possible. But I recommend uninstalling Lenovo Solution Center as soon as possible.
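For administrators who want to check whether machines still carry a vulnerable build before they update or uninstall, here is a PowerShell check. It is an added example for this post, not code from Lenovo or Trustwave. It reads the standard Windows uninstall registry keys and compares the product's DisplayVersion against the fixed release named above; the product name pattern ('Lenovo Solution Center*') is an assumption about how the entry appears in the uninstall list. The post gives the fixed version as both 3.3.0002 and 3.3.002; both parse to the same System.Version value, so the comparison is the same either way.

```powershell
# Added example: report whether Lenovo Solution Center is installed and
# whether the installed build is older than the fixed release (3.3.002).
# Registry paths are the standard Windows uninstall keys (64-bit and
# 32-bit views); the DisplayName pattern is an assumption.
$FixedVersion = [version]'3.3.002'   # '3.3.0002' parses to the same value

function Get-LenovoSolutionCenterStatus {
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    # Collect every uninstall entry whose name looks like the product.
    $entries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Lenovo Solution Center*' }

    if (-not $entries) {
        return [pscustomobject]@{
            Installed  = $false
            Version    = $null
            Vulnerable = $false
            Note       = 'Lenovo Solution Center not found in uninstall keys'
        }
    }

    foreach ($entry in $entries) {
        $parsed = $null
        $ok = [version]::TryParse([string]$entry.DisplayVersion, [ref]$parsed)

        # An unparseable or missing version is reported as vulnerable so it
        # gets looked at rather than silently passing.
        $vulnerable = (-not $ok) -or ($parsed -lt $FixedVersion)

        [pscustomobject]@{
            Installed  = $true
            Version    = $entry.DisplayVersion
            Vulnerable = $vulnerable
            Note       = if ($vulnerable) { "Older than $FixedVersion; update or uninstall" }
                         else { 'At or above fixed version' }
        }
    }
}

Get-LenovoSolutionCenterStatus | Format-Table -AutoSize
```

Run it in an elevated or normal PowerShell session; reading the uninstall keys does not require administrator rights. A result with Vulnerable set to True means the machine is still exposed to the LocalSystem Device Manager issue described above and should be updated to 3.3.002 or have the product removed.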