ThinkVantage System Update < 3.14 SSL Certificate Issuer Spoofing
Severity: High
Nessus Plugin ID: 32443

Synopsis
A remote Windows host contains a program that is prone to a spoofing attack.
Description
The remote host is running ThinkVantage System Update, a software distribution tool for Lenovo computers.

The version of System Update installed on the remote host reportedly does not perform certificate chain verification when initiating an SSL connection with an update server. An attacker able to redirect the host's connections to a malicious server could exploit this to return specially crafted XML and EXE files in response to System Update's requests, leading to arbitrary code execution.
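To illustrate the class of flaw described above, the following added example (not Lenovo's or Nessus's code) contrasts an HTTPS client that skips certificate chain verification with one that verifies, against a constructed self-signed local server standing in for an impostor update server. The server fixture, the `<manifest/>` body and the pinned-CA setup are assumptions made for the demonstration.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// Outcome records whether each client accepted the impostor server's response.
type Outcome struct {
	VulnerableAccepted  bool // chain verification disabled: impostor accepted
	SystemRootsRejected bool // verified against system roots: impostor rejected
	PinnedAccepted      bool // verified against the expected CA: genuine server accepted
}

// newImpostorServer is a constructed HTTPS fixture with a self-signed certificate,
// standing in for a server that an update client's traffic was redirected to.
func newImpostorServer() *httptest.Server {
	return httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, `<manifest/>`) // constructed stand-in for an update manifest
	}))
}

// updateClient builds an HTTPS client from the given TLS configuration.
func updateClient(cfg *tls.Config) *http.Client {
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
}

// fetchManifest performs one GET and returns the response body.
func fetchManifest(c *http.Client, url string) (string, error) {
	resp, err := c.Get(url)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	b, err := io.ReadAll(resp.Body)
	return string(b), err
}

// Run exercises the three client configurations against the impostor server.
func Run() Outcome {
	srv := newImpostorServer()
	defer srv.Close()
	var o Outcome
	// Vulnerable pattern: any certificate is accepted, so the impostor's reply is consumed.
	_, err := fetchManifest(updateClient(&tls.Config{InsecureSkipVerify: true}), srv.URL)
	o.VulnerableAccepted = err == nil
	// Hardened pattern: chain verified against the system roots; self-signed cert fails.
	_, err = fetchManifest(updateClient(&tls.Config{}), srv.URL)
	o.SystemRootsRejected = err != nil
	// Hardened pattern with the expected CA pinned (here the fixture's own certificate,
	// standing in for the vendor's update CA): the legitimate server still works.
	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate())
	_, err = fetchManifest(updateClient(&tls.Config{RootCAs: pool}), srv.URL)
	o.PinnedAccepted = err == nil
	return o
}

func main() { fmt.Printf("%+v\n", Run()) }
```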
Solution
Upgrade to System Update 3.14 or later.