An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application.
Credits
Lenovo thanks Wanjie from Huazhong University of Science and Technology for reporting this issue.
