CVE 2016-8230
In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
See the
CVE page on Mitre.org
for more details.