CVE-2016-5249

Lenovo Solution Center (LSC) before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly.

Date published : 2016-06-30

https://support.lenovo.com/us/en/product_security/len_7814

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-012/?fid=8073