CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-5249

Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.0%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://support.lenovo.com/us/en/product_security/len_7814
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073
https://support.lenovo.com/us/en/product_security/len_7814
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073

Products affected by CVE-2016-5249

Lenovo » Solution Center » Version: N/A

cpe:2.3:a:lenovo:solution_center:-
Lenovo » Solution Center » Version: 3.3.0001

cpe:2.3:a:lenovo:solution_center:3.3.0001
Lenovo » Solution Center » Version: 3.3.002

cpe:2.3:a:lenovo:solution_center:3.3.002

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-5249

Products

Pricing

Contact Us