Servers used to Lenovo’s infrastructure were identified having security vulnerabilities that could have compromised systems on a large scale. Discovered by security researchers from Swascan, the servers had nine major flaws out of which two were classified as high-risk. The rest seven were rated as medium risk flaws. Lenovo has fixed some of the vulnerabilities after Swascan notified them.
What was the response?
Swascan, which collaborated with Lenovo to fix the issues in the servers, praised the Chinese computer manufacturer’s involvement in the resolution.
“These vulnerabilities, if exploited, could have impacted the integrity, availability, and confidentiality of the systems. For this very reason, Swascan immediately contacted the Lenovo Security Department, whose professional response was among the best we’ve encountered, leading to a fruitful collaboration and resolution of the identified vulnerabilities,” Swascan said in a blog.
Previously, Swascan had identified multiple vulnerabilities in products related to Adobe and Microsoft.