Lenovo Service Bridge

lenovo_service_bridge

Vendor: Lenovo • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-8231 1Lenovo 1Lenovo Service Bridge May 13, 2026 Jun 4, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate.
CVE-2016-8230 1Lenovo 1Lenovo Service Bridge May 13, 2026 Jun 4, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
CVE-2016-8229 1Lenovo 1Lenovo Service Bridge May 13, 2026 Jun 4, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.
CVE-2016-8228 1Lenovo 1Lenovo Service Bridge May 13, 2026 Jun 4, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.