Categories: Breaking NewsHacking

3 OEMs Vulnerable To 3 Vulnerabilities. Your PCs At Risk

Bad news for PC users, Lenovo machines can be hijacked by visiting a malicious website, meanwhile Dell and Toshiba PC are affected by serious flaws.

Security Researcher slipstream/RoL posted Proof-of-concept exploits online (3 OEMs Vulnerable To Three Vulnerability Your PCs At Risk) demonstrating how to compromise machines available on the market.


The US CERT has issued an alert about the vulnerabilities affecting the Lenovo machines, the Chinese firm is urging to uninstall its Solution Center as soon as possible.

“By convincing a user who has launched the Lenovo Solution Center to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with SYSTEM privileges. Additionally, a local user can execute arbitrary code with SYSTEM privileges,” said CERT, which is backed by the US Department of Homeland Security.

“The CERT/CC is currently unaware of a practical solution to this problem. However, please consider the following workaround: uninstall Lenovo Solution Center to prevent exploitation of these vulnerabilities. Closing any running instance of Lenovo Solution Center also prevents exploitation.”

Lenovo Solution Center security advisory posted on company website confirms that the company is urgently working on a fix.

“We are urgently assessing the vulnerability report and will provide an update and applicable fixes as rapidly as possible. Additional information and updates will be posted to this security advisory page as they become available.” States the advisory.

Mitigation Strategy for Customers (what you should do to protect yourself) By Lenovo Solution Center : To remove the potential risk posed by this vulnerability, users can uninstall the Lenovo Solution Center application using the add / remove programs function.

By the way, the Lenovo Solution Center flaw is also exploitable remotely via CSRF, if the Lenovo Solution Center is open! Open Lenovo Solution Center and click here for a SYSTEM shell! Security Researcher Said

You can fetch exploit binaries and source code from  oemdrop.

Summarizing the security vulnerabilities, according to CERT and Slipstream:

Lenovo

  • Lenovo Solution Center creates a process called LSCTaskService that runs with full administrator rights, and fires up a web server on port 55555. It can be instructed via GET and POST HTTP requests to execute code in a directory a local user can access.
  • Lenovo Solution Center will execute, again with full privileges, programs found in an arbitrary location on disk where the user can write to. Put some bad software in there, and it will be executed with admin rights.
  • A classic cross-site request forgery (CSRF) vulnerability exists in the LSCTaskService process, allowing any visited webpage to pass commands to the local web server to execute with full privileges.

Dell

  • Dell‘s bundled utility Dell System Detect can be made to gain admin privileges and execute arbitrary commands – by feeding it a security token downloaded from, er, dell.com: a token granting Dell System Detect permission to install manuals can be abused to execute programs (such as malware) with admin privileges. This can be exploited by software on your computer to fully compromise the machine.

Toshiba

  • Toshiba‘s bundled Service Station tool can be abused by normal users and unprivileged software to read the majority of the operating system’s registry as a SYSTEM-level user.

Remove Bloatware From Windows With Decrap My Computer

Decrap My Computer allows you to easily and safely remove all of the bloatware that comes pre-installed by the manufacturer on a new Windows PC. It can take hours or even days to get all the pre-installed software removed from your new computer, but with this little freeware utility you can completely uninstall all the unneeded software.

Best of all, Decrap My Computer can do all the operations needed to remove bloatware on its own, without any user input! It even clicks the usual “Next” and various other confirmation buttons of most common software uninstallers.

See how it works!

This video shows Decrap My Computer removes all the pre-installed software of a brand new Acer Aspire V3 laptop. Notice that after the final confirmation box has been closed, there is zero user input, all the uninstallers are automatically run by the Decrap My Computer program!

About the author Mayur Agnihotri

Mayur Agnihotri has a Bachelors of Engineering from Information Technology. He got a number of Infosec Certifications, including C|EH – Certified Ethical Hacker , Cyber Security for Industrial Control Systems, Operational Security for Control Systems, Advanced Security In The Field, Basic Security In The Field.

Twitter : @I_AM_Mayur0021

Edited by Pierluigi Paganini

(Security Affairs – PC, security flaws)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

4 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

10 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

22 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

This website uses cookies.