KLA10821
Arbitrary code execution vulnerability in Lenovo Accelerator Application
Updated: 06/01/2019
Detect date
?
06/03/2016
Severity
?
Critical
Description

Improper implementation of update mechanism was found in Lenovo Accelerator Application. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via spoofing an update response by man-in-the-middle attack.


Technical details

To workaround this vulnerability you have to uninstall Lenovo Accelerator Application. For further instructions you can read original LEN-6718 Lenovo advisory listed below.

Affected products

Lenovo Accelerator Application all versions 

Solution

Uninstall Lenovo Accelerator Application

Original advisories

Original advisory

Impacts
?
ACE 
[?]
CVE-IDS
?
CVE-2016-39449.3Critical