Description
A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges.
Published: 2026-06-10
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An uncontrolled search path vulnerability in the LanSchool Classic client allows a local authenticated user to place malicious code and cause the application to load it, giving the attacker arbitrary code execution with elevated privileges. This flaw stems from improper handling of the library search paths, classified as CWE-427. Successful exploitation could enable a local user to run arbitrary commands, modify system files, or install persistent malware, compromising the confidentiality, integrity, and availability of the affected computer.

Affected Systems

The vulnerability affects the LanSchool Classic client application from Lenovo. All installations running a version earlier than 9.3.1.30 are susceptible. Devices using older client releases on any platform supported by LanSchool Classic are at risk.

Risk and Exploitability

The vulnerability carries a CVSS v4.0 score of 8.5, indicating high severity; the CVSS v3.1 score is 7.8. No EPSS score is provided. It is not listed in CISA KEV, so there is no catalogued evidence of exploitation in the wild yet. The attack vector is local: an authenticated user with access to the client must exploit the flaw, typically by manipulating the search path to introduce a malicious library. If the attacker succeeds, they gain code execution with the privileges of the LanSchool client, potentially escalating to higher system privileges.

Generated by OpenCVE AI on June 10, 2026 at 15:22 UTC.

Remediation

Vendor Solution

Update the LanSchool Classic client application to version 9.3.1.30 or later. LanSchool Classic customers can update to the latest version by accessing their LanSchool account: https://lanschool.com/lanschool-login


OpenCVE Recommended Actions

  • Upgrade the LanSchool Classic client to version 9.3.1.30 or later as recommended by Lenovo.
  • If an immediate upgrade is infeasible, restrict write access to the directories that the client searches when loading libraries, and remove any fallback directories that can be overridden.
  • Enforce stricter privileges for the user accounts running the client, limiting write access to system directories and preventing placement of unauthorized DLLs.

Generated by OpenCVE AI on June 10, 2026 at 15:22 UTC.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 16:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 10 Jun 2026 15:45:00 +0000

Type | Values Removed | Values Added
Title | | Uncontrolled Search Path Vulnerability in LanSchool Classic Enables Local Code Execution

Wed, 10 Jun 2026 14:45:00 +0000

Type | Values Removed | Values Added
Description | | A potential uncontrolled search path vulnerability was reported in the LanSchool Classic client application that could allow a local authenticated user to execute arbitrary code with elevated privileges.
First Time appeared | | Lenovo; Lenovo lanschool Classic
Weaknesses | | CWE-427
CPEs | | cpe:2.3:a:lenovo:lanschool_classic:*:*:*:*:*:*:*:*
Vendors & Products | | Lenovo; Lenovo lanschool Classic
References | |
Metrics | | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2026-06-10T16:06:59.544Z

Reserved: 2026-05-14T19:39:23.525Z

Link: CVE-2026-8637

Vulnrichment

Updated: 2026-06-10T16:06:55.975Z

NVD

Status: Received

Published: 2026-06-10T15:16:42.930

Modified: 2026-06-10T15:16:42.930

Link: CVE-2026-8637

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T15:30:15Z

Weaknesses