Lenovo Two Minutes Later

Lenovo CVE-2020-8319 and CVE-2020-8324 PoC

Last week I covered two vulnerabilities that were discovered in the Lenovo Vantage software. CVE-2020-8319 and CVE-2020-8324 will essentially lead to obtaining SYSTEM through privilege escalation from an unprivileged account.

If you’re interested in reading the full write up then head over to my blog post – PrivEsc in Lenovo Vantage. Two minutes later.

Those that are running Lenovo Vantage, and specifically the System Interface Foundation component, then hopefully you have all had a chance to upgrade to 1.1.19.3 or higher. If not, head over to the Lenovo website to download the latest version.

Lenovo System Interface Foundation for Windows 10 (32-bit, 64-bit) – ThinkPad, ThinkCentre, IdeaPad, IdeaCentre, ThinkStation – US

I have decided to release a C# proof of concept on GitHub. You’ll need to generate your own DLL to be used during the exploit which will be loaded under the SYSTEM account. Meterpreter payload works well, or your can roll your own.

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *