CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5248
https://notcve.org/view.php?id=CVE-2016-5248
The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument. El comando StopProxy en LSC.Services.SystemService en Lenovo Solution Center en versiones anteriores a 3.3.003 permite a usuarios locales terminar procesos arbitrarios a través del argumento PID. • https://support.lenovo.com/us/en/product_security/len_7814 https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5249
https://notcve.org/view.php?id=CVE-2016-5249
Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly. Lenovo Solution Center (LSC) en versiones anteriores a 3.3.003 permite a usuarios locales ejecutar código arbitrario con privilegios de LocalSystem a través de vectores involucrando el comando LSC.Services.SystemService StartProxy con una canalización nombrada creada de antemano y con un ensamblado .NET manipulado. • https://support.lenovo.com/us/en/product_security/len_7814 https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073 • CWE-264: Permissions, Privileges, and Access Controls •