Code Execution Vulnerability in Lenovo Accelerator Application by Man-in-the-Middle Attack
CVE-2016-3944

7.5HIGH

Key Information:

Vendor: Lenovo
Status: Accelerator Application
Vendor: CVE Published:; 3 June 2016

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2016-3944?

The Lenovo Accelerator Application is susceptible to a code execution vulnerability where the UpdateAgent component allows man-in-the-middle attackers to execute arbitrary code. This occurs through the spoofing of an update response from susapi.lenovomm.com, potentially compromising the integrity of the affected system. Users are advised to ensure their software is updated and to follow best practices for mitigation.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2016-3944 - Proof of Concept

References

https://support.lenovo.com/us/en/product_security/len_6718

x_refsource_CONFIRM

https://duo.com/blog/out-of-box-exploitation-a-security-a...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 3, 2016
👾
Exploit known to exist
Jun 3, 2016
Vulnerability published
Jun 3, 2016
Vulnerability Reserved
Mar 31, 2016

CVE-2016-3944 Data

JSON