HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Unquoted Service Path in Lenovo LegionSpace 1.7.11.2 Enables Local Privilege Escalation

Lenovo LegionSpace 1.7.11.2 contains an unquoted service path for DAService, allowing a local attacker to place a malicious executable that runs with SYSTEM privileges. Organizations using this software should upgrade to version 1.8.12.13 or apply a quoting mitigation to protect against privilege escalation.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 exploit-db.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
3 recommended
📰
Source
exploit-db.com

Unquoted Service Path in Lenovo LegionSpace 1.7.11.2 Enables Local Privilege Escalation

What Happened – A mis‑configured Windows service (DAService) in Lenovo LegionSpace 1.7.11.2 contains an unquoted executable path (C:\Program Files\Lenovo\LegionSpace\1.7.11.2\LSDaemon.exe). An attacker with local user rights can place a malicious executable in C:\Program Files\Lenovo\LegionSpace\1.7.11.2\ and have it executed with SYSTEM privileges when the service starts.

Why It Matters for TPRM

  • Local privilege escalation can be leveraged to bypass endpoint hardening and move laterally across a vendor‑managed environment.
  • Third‑party devices that ship with the vulnerable version may expose client networks if not patched promptly.
  • The flaw demonstrates the risk of inadequate build‑time hardening in commercial software supplied to enterprises.

Who Is Affected

  • Technology & SaaS vendors that deploy Lenovo LegionSpace on employee workstations or kiosks.
  • Managed Service Providers (MSPs) that include Lenovo hardware in their service offerings.

Recommended Actions

  • Verify that any Lenovo LegionSpace installations are running version 1.8.12.13 or later.
  • If older versions are present, schedule an immediate upgrade or apply a temporary mitigation (e.g., quote the service path via sc config).
  • Review endpoint hardening controls (application whitelisting, least‑privilege policies) to detect unauthorized binaries in the service directory.

Technical Notes

  • Attack Vector: Unquoted Service Path (misconfiguration).
  • Impact: Local code execution with SYSTEM privileges; can be a stepping stone to broader compromise.
  • Mitigation: Upgrade to Lenovo LegionSpace 1.8.12.13+; alternatively, edit the service registry to quote the executable path.
  • Reference: Exploit‑DB ID 52570 (https://www.exploit-db.com/exploits/52570)
📰 Original Source
https://www.exploit-db.com/exploits/52570

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →