The vulnerability is a privilege escalation flaw that can be used to execute arbitrary code on a targeted system. Researchers say the vulnerability is tied to Lenovo Solution Center (LSC) software. The software is preinstalled on millions of older-model PCs made by the world s leading computer maker. Lenovo issued a security bulletin regarding this bug and recommended users upgrade to a similar utility called Lenovo Vantage. The LSC security flaw is the most recent in a long list of security fumbles that have plagued Lenovo over the past year.
Source: https://threatpost.com/bug-found-in-pre-installed-software/147657/