Lenovo Security Advisory: LEN-11340

Potential Impact: Privilege Escalation 

Severity: High

Scope of Impact: Lenovo-specific

CVE Identifier: CVE-2016-8235

Summary Description:

An unquoted service path vulnerability was identified in the Lenovo Customer Care Software Development Kit (CCSDK) that could allow a user with local privileges on a system to execute code with administrative privileges.

The Customer Care Software Development Kit (CCSDK) on Lenovo Desktop and Lenovo Notebook systems provides anonymous, non-personally identifiable diagnostic device data to Lenovo to help Lenovo improve both existing and future products.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update CCSDK to version 2.0.16.3 or later by opening Lenovo System Update, clicking on “Get new updates” and following the prompts to update to the latest version of CCSDK. Users can also manually update by following the instructions at the link here.

Steps to verify that you are running the latest version of CCSDK:

1. For Windows 8, 8.1 and Windows 10, right-click the screen's bottom-left corner Windows icon. Type Control Panel, and then, under Programs or Programs and Features,  click “Uninstall a Program.” 

            In Windows 7, open Programs and Features by clicking the Start button, clicking Control Panel, clicking Programs, and then clicking Programs and Features.

2. When you find the program “CCSDK”, click it, and then view the version number

Product Impact:

Lenovo Customer Care Software Development Kit (CCSDK) is supported on the following Lenovo Notebook products:

• Lenovo Flex 3-1120, Lenovo Flex 3-1130, Lenovo Flex 3-1480, Flex 3-1580, Lenovo Flex 2 Pro-15(Broadwell), Lenovo Edge 15(Broadwell), Edge 2-1580
• Lenovo Flex 3-1435, Flex 3-1470(HSW), Flex 3-1470(BDW), Flex 3-1570(HSW), Lenovo Flex 3-1570(BDW), Lenovo Flex 10, Lenovo Flex 2-14, Flex 2-15, Flex 2-14D, 2-15D, Flex 4 -1435, Flex 4-1470, Flex 4-1570, FLEX 4-1480, FLEX 4-1580, Flex 4-1130
• Yoga 500-14IBD, Yoga 500-15IBD, Yoga 500-14IHW, Yoga 500-15IHW, Yoga 500-14ACL, Lenovo Yoga 3-1470, Lenovo YOGA 3 Pro-1370, Lenovo Yoga 2 11(Bay Trail-M), Lenovo Yoga 2 11(Haswell), Lenovo Yoga 2 13, Lenovo Yoga 3-1170
• Lenovo S41-70(HSW), S41-70(BDW), Lenovo U41-70(HSW), U41-70(BDW), Lenovo S41-35, Lenovo S41-75
• Lenovo G40-45, G50-45, Lenovo G40-80(BDW), G40-80(HSW), G50-80(HSW), G50-80(BDW), Lenovo G41-35, G51-35, Lenovo G70-35, Lenovo G70-80, G40-30, G50-30, G40-70, G50-70, G50-80 Touch, G50-80m, G40-80m
• M51-80, M41-80
• E41-80 , E51-80, E31-70 (HSW), E31-70 (BDW), E31-80, E40-80, E50-80, E40-30, E41-10, E41-15
• B41-30, B51-30, B41-80, B50-10, B51-80,B40-80, B50-80, B40-45, B50-45, B70-80,B40-30, B50-30, B50-30 Touch, B41-35, B51-35, B110-14IBR, B71-80, 
  B50-50
• Erazer Z41-70, Zrazer Z51-70
• Lenovo S21e-20
• RESCUER 14ISK , RESCUER 15ISK
• Lenovo U31-70(HSW), U31-70(BDW)
• Lenovo Y40-70, Lenovo Y50-70
• ideapad Y700-15ACZ
• Lenovo Z40-70, Z50-70, Lenovo Z40-75, Z50-75, Lenovo Z41-70, Z51-70, Lenovo Z70-80
• Lenovo Miix 2 11 Tablet, Lenovo Miix 3-1030, Lenovo MIIX 3-830
• Lenovo S20-30, S20-30 Touch, Lenovo S40-70, S435, Ideapad S310, S410 Laptop
• Lenovo Y40-80
• ideapad 500-14ACZ, ideapad 500-15ACZ, ideapad 500-14ISK, ideapad 500-15ISK, ideapad 500S-13ISK, ideapad 300-14IBR, ideapad 300-15IBR, 300S-14ISK 
  500S-14ISK
• ideapad 100-15IBD, 100-14IBY, 100-15IBY, 100-14IBD,110-14IBR, 110-15IBR, 110-14IBR, 110-14ISK, 110-15ISK, 110-15ACL, 110-15ACL Touch, 110-17ACL,110s-11IBR, 110-17IKB, 110-14AST,110-15AST, 110-17ISK
• ideapad 300-14ISK, 300-15ISK, 300-17ISK, ideapad 310-15ABR, ideapad 310S-14AST,305-14IBD, 305-15IBD, 305-15ABM, 300S-11IBR, 305-15IBY, 310-14IKB,  310-15IKB, 310s-11IAP, 310 Touch-15IKB, 310-14IAP, 310-15IAP
• Yoga 700-11ISK, Yoga 900-13ISK, Yoga 700-14ISK, Yoga 900S-12ISK, Yoga 900-13ISK2, Yoga 710-11ISK, Yoga 710-14ISK, Yoga 710-15ISK, Yoga 510-14AST, Yoga 500-14ISK, Yoga 500-15ISK, Yoga 300-11IBY, Yoga500-14IBD,Yoga 910-13IKB, Yoga 910-13IKB Glass, Yoga 510-14ISK, Yoga 510-15ISK,Yoga 300-11IBR, Yoga 900-13ISK for business, Yoga 710-14IKB, Yoga 710-15IKB, Yoga 710-11IKB, YOGA 510-14IKB, YOGA 510-15IKB, Yoga 310-11IAP
• ideapad Miix 700-12ISK
• V310-14ISK, V310-15ISK, V110-14IAP, V110-15IAP. V110-15ISK, V110-14AST, V110-15AST, V310-14IKB, V310-15IKB, V510-14IKB, V510-15IKB, V110-17IKB, V110-17ISK, V3000
• ideapad Y700-14ISK, ideapad Y700-15ISK, Y700 Touch-15ISK, ideapad Y700-17ISK, Y50-70 Touch, Y70-70 Touch
• ideapad 700-15ISK, 700-17ISK, 710s-13ISK, 710S Plus-13ISK, 710S Plus-13IKB, 710S-13IKB 
• ideapad Y900-17ISK, ideapad 310-14ISK, 310-15ISK, 310 Touch-15ISK, ideapad 510-15ISK, 310-Touch 15ISK, 310S-15IKB, 310S-14IKB
• ideapad 510S-13ISK, 510S-14ISK, 500S-15ISK, ideapad 310S-14ISK, 510S-13IKB, 510-15IKB, 510S-14IKB
• Miix 310-10ICR,Miix 710-12IKB, Miix 720-12IKB, Miix 510-12ISK
• N23 Winbook
• TianYi 300-14ISK, TianYi 300-15ISK, TianYi 100-14IBD, TianYi 100-15IBD, TianYi310-14ISK, TianYi310-15ISK
• Xiaoxin 300-14ISK, Xiaoxin 700-15ISK, XiaoXin 510S-14ISK, Xiaoxin Air 12, XiaoXin Air 13 Pro, XiaoXin Air 13IKB Pro, Xiaoxin 310-14IKB, Xiaoxin 310-15IKB, Xiaoxin 510S-14IKB, Xiaoxin Air 13IKB, Xiaoxin 310-14ISK
• ZhaoYang E41-80, ZhaoYang E51-80, ZhaoYang E31-8, ZhaoYang E42-80, ZhaoYangE52-80, ZhaoYangE41-15

For a complete list of all Lenovo Product Security Advisories, click here.

Acknowledgements:

Lenovo thanks Ali Önder for discovering this issue.

Revision History:

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on as “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.