A vulnerability has been discovered in the Lenovo Service Engine utility that could allow for remote code execution. Lenovo Service Engine is a utility found in the BIOS that installs and updates Lenovo software. Successful exploitation of this vulnerability may allow an attacker to gain control of the utility and perform unauthorized actions.
Lenovo Desktop Models Running Windows 8 or 8.1:
- Horizon2 27
- Horizon 2e (Yoga Home 500)
- Horizon 2S
Lenovo Laptop Models Running Windows 7, 8, 8.1 and 10:
- Flex 2 Pro-15/Edge 15 (Broadwell)
- Flex 2 Pro-15/Edge 15 (Haswell)
- Flex 3-1470/1570
- Flex 3-1120
- G40-80/G50-80/G50-80 Touch/V3000
- Yoga3 14
- Z70-80 / G70-80
- Yoga 3 11
A vulnerability has been discovered in the Lenovo Service Engine utility that could allow for remote code execution. The vulnerability can be exploited by an attacker performing a buffer overflow attack. Successful exploitation could result in an attacker gaining access to the utility and installing malicious software that will always run upon boot-up of the machine, even after it has been re-imaged.
Please note that the vulnerability only applies to Lenovo laptop computers running Windows 7, 8, 8.1 and 10.
Additionally, this vulnerability only applies to Lenovo desktop computers that were manufactured between 10/23/14 and 4/10/15, running Windows 8 and 8.1.
- Disable LSE in the system BIOS.
- Download and run the disabler tool on the PC or laptop after proper testing. (The tool automatically removes LSE files from the System32 directory.)