Arbitrary Code Execution with LocalSystem Privileges in Lenovo Solution Center (LSC)
CVE-2016-5249 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly.
Learn more about our User Device Pen Test.