Recently, Lenovo devices can be easily hijacked again, while Dell and Toshiba PCs have also been affected by serious vulnerabilities. Security Researcherslipstream/RoL published the vulnerability online and demonstrated how to hack into the machines on the market.
Three OEMs, three pre-installed apps, three vulnerabilities
CERT in the United States has issued an alert for Lenovo's vulnerability, and the Chinese headquarters is also stepping up its efforts to uninstall the solution center.
The U.S. Internet Emergency Response Center (CERT) states:
If your Lenovo Solution Center is always open, then hackers can exploit the vulnerability remotely via CSRF. Vulnerability details association 1. Lenovo Solution Center creates a file called The LSCTaskService process can run with administrator privileges and eject a web server on port 55555。 It can also execute code in the local user directory via GET and POST HTTP requests. 2. Lenovo Solution Center generally executes programs anywhere on the hard disk with full control permissions. Put malware in it, and Lenovo Solution Center will execute it. 3. A typical cross-site request forgery (CSRF) vulnerability exists in the LSCTaskServic process that allows any visited web page to pass commands to the local web server and execute them. Dale
Similarly, Dell's bundled tool, Dell System Detection, can directly gain administrator privileges to install malware to damage your computer. Toshiba
Toshiba's service station tool allows ordinary users or unauthorized software to directly have the authority of a system-level user to read the operating system's registry.
Original:http://www.freebuf.com/news/88650.html
| 
Posted on 12/11/2015 2:26:50 PM
|
|
|
Posted on 12/11/2015 5:09:36 PM
|
