CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5249
https://notcve.org/view.php?id=CVE-2016-5249
Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly. Lenovo Solution Center (LSC) en versiones anteriores a 3.3.003 permite a usuarios locales ejecutar código arbitrario con privilegios de LocalSystem a través de vectores involucrando el comando LSC.Services.SystemService StartProxy con una canalización nombrada creada de antemano y con un ensamblado .NET manipulado. • https://support.lenovo.com/us/en/product_security/len_7814 https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073 • CWE-264: Permissions, Privileges, and Access Controls •