If you use a Lenovo laptop you may need to uninstall the Lenovo Solution Center tool: a team of vulnerability testing experts has revealed a critical vulnerability in this pre-installed software that, if exploited, could grant a threat actor administrator privileges on the machine.
Experts at Pen Test Partners describe it as a discretionary access control list (DACL) overwrite vulnerability. A DACL is the list of access control entries on a Windows object; when a high-privileged process rewrites that list on a file or directory a low-privileged user controls, the user can end up with rights the original permissions denied. "Any user with low privileges could access sensitive files by exploiting a process that requires high privileges," the specialists say. In other words, it is a classic privilege escalation vulnerability, widely used by attackers to reach resources on a system that only administrators can legitimately access.
According to the vulnerability testing experts, an attacker plants a specially prepared file (the researchers call it a "pseudofile") in a location that Solution Center processes; when the high-privileged Solution Center component rewrites that file's DACL, the attacker gains access to sensitive files that are otherwise inaccessible. From there, attacker-controlled code can run on the system with administrator privileges, completely compromising the machine.
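The condition this class of bug produces is a file or directory under a privileged component's control whose DACL grants write-class rights to principals every local user belongs to. The script below is an added example written for this page, not code from Pen Test Partners or Lenovo: it walks a directory tree and reports every Allow ACE that gives Everyone, Users, Authenticated Users or INTERACTIVE a right that lets the object or its permissions be changed. The default path is an assumption about where Solution Center keeps per-machine data and is not stated in the article; point it at whatever location you want to audit.

```powershell
# Added example (not from Pen Test Partners or Lenovo): audit a directory tree
# for DACL entries that let low-privileged principals write, the precondition
# a DACL-overwrite escalation relies on.
# Assumption: the default path is where Lenovo Solution Center keeps its
# per-machine data; the article does not state this, so adjust it as needed.

param(
    [string]$Path = "$env:ProgramData\Lenovo\LSC"   # assumed location
)

# Broad principals that any local user is a member of.
$LowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that allow the object, or its permissions, to be changed.
# FullControl and Modify include these bits, so they are caught too.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::WriteData -bor
             [System.Security.AccessControl.FileSystemRights]::AppendData -bor
             [System.Security.AccessControl.FileSystemRights]::WriteAttributes -bor
             [System.Security.AccessControl.FileSystemRights]::WriteExtendedAttributes -bor
             [System.Security.AccessControl.FileSystemRights]::Delete -bor
             [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
             [System.Security.AccessControl.FileSystemRights]::TakeOwnership

function Get-WeakDacl {
    param([string]$Root)

    if (-not (Test-Path -LiteralPath $Root)) {
        Write-Warning "Path not found: $Root"
        return
    }

    # The root itself plus everything below it, hidden items included.
    $items  = @(Get-Item -LiteralPath $Root)
    $items += @(Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue)

    foreach ($item in $items) {
        try {
            $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop
        } catch {
            continue   # skip objects whose security descriptor we cannot read
        }
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band [int]$WriteMask) -eq 0) { continue }

            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
                Owner     = $acl.Owner   # an owner can always rewrite the DACL
            }
        }
    }
}

$findings = @(Get-WeakDacl -Root $Path)
if ($findings.Count -gt 0) {
    $findings | Format-Table -AutoSize
} else {
    Write-Host "No write-capable ACEs for low-privileged principals under $Path"
}
```

Run it as a standard user first: anything it reports is, by definition, a location that user can already modify. An entry whose Owner is a low-privileged account is worth a second look even when the ACE itself is narrow, because the owner can change the DACL at will.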
Solution Center came pre-installed on Lenovo laptops released between 2011 and 2018, so millions of devices are potentially exposed to this flaw. The tool was designed to monitor the security status of these computers, so it is somewhat ironic that it has itself become a significant attack vector.
After the flaw was disclosed, the company released a statement alerting users to the risk and inviting them to uninstall Solution Center, which in any case is no longer receiving updates from Lenovo. "A critical vulnerability in Lenovo Solution Center that could give a hacker an escalation of privilege has been publicly disclosed; we recommend that all users of our security tools migrate to Lenovo Vantage or Lenovo Diagnostics, which continue to receive support," the statement reads.
Unfortunately, it is not all good news. Vulnerability testing specialists say that after receiving the flaw report, Lenovo changed the published date on which it stopped supporting Solution Center, so that the end of support appears to predate the release of the software's final version. The experts fear that some users will therefore remain exposed to exploitation.
Lenovo commented: "It's very common for some customers to forget to transition to other solutions, and some people even choose not to migrate to new products. In these cases, we continue to release updates for tools that have reached the end of their support, ensuring that users still enjoy protection and support, at least on a very small scale."
Until this controversy is resolved, vulnerability testing specialists from the International Institute of Cyber Security (IICS) recommend that users of Lenovo computers released between 2011 and 2018 uninstall Solution Center as soon as possible. A standard guide for completing this process is available on the company's website.
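For administrators who would rather script the removal than follow the manual on each machine, the following is an added example written for this page, not Lenovo's own uninstaller or documentation. It looks up the product in the standard Windows uninstall registry keys, reports what it finds, and only removes it when run with -Uninstall from an elevated prompt. It assumes the product registers with a DisplayName containing "Lenovo Solution Center"; that string, and whether the entry is MSI-based, are assumptions not stated in the article, so check the reported entry before passing the switch.

```powershell
# Added example (not Lenovo's uninstaller or documentation): locate the Lenovo
# Solution Center entry in the Windows uninstall registry and remove it.
# Run from an elevated PowerShell prompt.
# Assumptions: the product registers under the standard Uninstall keys with a
# DisplayName containing "Lenovo Solution Center"; neither the exact name nor
# whether the package is MSI-based is stated in the article.

param(
    [switch]$Uninstall   # without this switch the script only reports what it found
)

$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
)

function Get-LenovoSolutionCenter {
    foreach ($key in $UninstallKeys) {
        if (-not (Test-Path $key)) { continue }
        Get-ChildItem $key | ForEach-Object {
            $props = Get-ItemProperty $_.PSPath
            if ($props.DisplayName -like '*Lenovo Solution Center*') {   # assumed name
                [pscustomobject]@{
                    DisplayName     = $props.DisplayName
                    DisplayVersion  = $props.DisplayVersion
                    Publisher       = $props.Publisher
                    InstallLocation = $props.InstallLocation
                    UninstallString = $props.UninstallString
                    RegistryKey     = $_.PSPath
                }
            }
        }
    }
}

$found = @(Get-LenovoSolutionCenter)
if ($found.Count -eq 0) {
    Write-Host 'Lenovo Solution Center is not registered on this machine.'
    return
}

$found | Format-List

if (-not $Uninstall) {
    Write-Host 'Re-run with -Uninstall from an elevated prompt to remove it.'
    return
}

foreach ($app in $found) {
    if (-not $app.UninstallString) {
        Write-Warning "No UninstallString recorded for $($app.DisplayName)"
        continue
    }
    if ($app.UninstallString -match '\{[0-9A-Fa-f\-]{36}\}') {
        # MSI-based entry: uninstall the product code quietly and without rebooting.
        $productCode = $Matches[0]
        Write-Host "Removing $($app.DisplayName) via msiexec ($productCode)"
        $proc = Start-Process -FilePath 'msiexec.exe' `
                              -ArgumentList "/x $productCode /qn /norestart" -Wait -PassThru
    } else {
        # Non-MSI uninstaller: run the recorded command as-is (it may prompt).
        Write-Host "Running: $($app.UninstallString)"
        $proc = Start-Process -FilePath 'cmd.exe' `
                              -ArgumentList "/c `"$($app.UninstallString)`"" -Wait -PassThru
    }
    Write-Host "Exit code: $($proc.ExitCode)  (0 = success, 3010 = reboot required)"
}

# Verify: the registry entry should be gone once the uninstaller completes.
if (@(Get-LenovoSolutionCenter).Count -eq 0) {
    Write-Host 'Lenovo Solution Center removed.'
} else {
    Write-Warning 'Entry still present; a reboot or manual removal may be required.'
}
```

The dry run is the default on purpose: on a fleet, first collect the reported DisplayVersion and InstallLocation values, confirm they match the product Lenovo's advisory describes, and only then roll out the -Uninstall pass.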