
Uninstall Lenovo Solution Center to keep your data away from hackers

If you use a Lenovo laptop, you may need to uninstall the Lenovo Solution Center tool: a team of vulnerability testing experts has revealed a critical vulnerability in this pre-installed software that, if exploited, could grant a threat actor system administrator privileges.

Experts at Pen Test Partners mention that this is a discretionary access control list (DACL) overwrite vulnerability; “Any user with low privileges could access sensitive files by exploiting a process that requires high privileges,” specialists say. In other words, it’s a classic privilege escalation vulnerability, widely used by hackers to gain access to resources on a system that only administrators can legitimately access.

According to vulnerability testing experts,
hackers could write a “pseudofile” that, when executed by Solution
Center, can access sensitive files that are otherwise inaccessible.
Subsequently the malicious code can run on the system with administrator
privileges, completely compromising the system.

Solution Center is preinstalled on all Lenovo laptops released between 2011 and 2018, so millions of devices are potentially exposed to the exploitation of this flaw. The tool was designed to monitor the security status of these computers, so it is a bit ironic that it has become such an important attack vector.

After the flaws were revealed, the company released a statement alerting users to the risk and inviting them to uninstall Solution Center, which by the way has already stopped receiving updates from Lenovo. “A critical vulnerability in Lenovo Solution Center that could give a hacker an escalation of privilege has been publicly disclosed; we recommend that all users of our security tools migrate to Lenovo Vantage or Lenovo Diagnostics, which continue receiving support,” the statement reads.

Unfortunately, it’s not all good news. Vulnerability testing specialists say that after receiving the flaw report, Lenovo changed the date on which it stopped supporting Solution Center to make it look like this happened before the release of the last version of the system, so experts fear that some users will remain exposed to exploitation.

Lenovo commented: “It’s very common for some customers to forget to transition to other solutions, and some people even choose not to migrate to new products. In these cases, we continue to release updates for tools that have reached the end of their support, ensuring that users still enjoy protection and support, at least on a very small scale.”

Until this controversy is resolved, vulnerability testing specialists from the International Institute of Cyber Security (IICS) recommend that users of Lenovo computers released between 2011 and 2018 uninstall Solution Center as soon as possible. A standard manual to complete this process is available on the company’s website.
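To check whether a machine still has the tool installed before following that advice, the added PowerShell example below (not from Lenovo, Pen Test Partners or the original article) searches the standard Windows Uninstall registry keys. The function name and the `DisplayName` pattern are assumptions chosen for illustration.

```powershell
# Added example: inventory check for Lenovo Solution Center on a Windows host.
# The product name comes from the article. The registry paths are the standard
# Windows "Uninstall" keys; the DisplayName wildcard pattern is an assumption.

function Find-InstalledProduct {
    param(
        [Parameter(Mandatory)][string]$NamePattern
    )

    # 64-bit, 32-bit (WOW6432Node) and per-user install records.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    foreach ($key in $uninstallKeys) {
        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            # Some entries have no DisplayName value; skip those.
            Where-Object { $_.PSObject.Properties['DisplayName'] -and
                           $_.DisplayName -like $NamePattern } |
            ForEach-Object {
                [pscustomobject]@{
                    ComputerName    = $env:COMPUTERNAME
                    DisplayName     = $_.DisplayName
                    DisplayVersion  = $_.DisplayVersion
                    InstallDate     = $_.InstallDate
                    UninstallString = $_.UninstallString
                    RegistryKey     = $_.PSPath
                }
            }
    }
}

$found = @(Find-InstalledProduct -NamePattern '*Lenovo Solution Center*')

if ($found.Count -eq 0) {
    Write-Output 'Lenovo Solution Center not found in the Uninstall registry keys.'
} else {
    $found | Format-List
    Write-Warning "$($found.Count) install record(s) found; uninstall as recommended above."
}
```

The function emits one object per matching install record, so the same call can be run across a fleet with a remote-execution tool and the results collected centrally.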
