Lenovo Accelerator Application Vulnerability: Remote Code Execution via Update Spoofing

Lenovo Accelerator Application Vulnerability: Remote Code Execution via Update Spoofing

CVE-2016-3944 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com.

Learn more about our Api Penetration Testing.