A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HLenovo Thinkpad 10
HWLenovowszystkie wersjeLenovo Thinkpad 10 Firmware
OSLenovo< 2021-10-25Lenovo Thinkpad S2 Gen 6
HWLenovowszystkie wersjeLenovo Thinkpad S2 Gen 6 Firmware
OSLenovo< 2021-10-31Lenovo Thinkpad S2 Yoga Gen 6
HWLenovowszystkie wersjeLenovo Thinkpad S2 Yoga Gen 6 Firmware
OSLenovo< 2021-10-31Lenovo Thinkpad T460p
HWLenovowszystkie wersjeLenovo Thinkpad T460p Firmware
OSLenovo< 2021-10-29Lenovo Thinkpad T460s
HWLenovowszystkie wersjeLenovo Thinkpad T460s Firmware
OSLenovo< n1cet84wLenovo Thinkpad T480
HWLenovowszystkie wersjeLenovo Thinkpad T480 Firmware
OSLenovo< n24et65wLenovo Thinkpad T550
HWLenovowszystkie wersjeLenovo Thinkpad T550 Firmware
OSLenovo< n11et54wLenovo Thinkpad T560
HWLenovowszystkie wersjeLenovo Thinkpad T560 Firmware
OSLenovo< n1ket52wLenovo Thinkpad T570
HWLenovowszystkie wersjeLenovo Thinkpad T570 Firmware
OSLenovo< n1vet57wLenovo Thinkpad T580
HWLenovowszystkie wersjeLenovo Thinkpad T580 Firmware
OSLenovo< n27et43wLenovo Thinkpad T590
HWLenovowszystkie wersjeLenovo Thinkpad T590 Firmware
OSLenovo< n2iet96wLenovo Thinkpad W550s
HWLenovowszystkie wersjeLenovo Thinkpad W550s Firmware
OSLenovo< n11et54wLenovo Thinkpad X12 Detachable Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad X12 Detachable Gen 1 Firmware
OSLenovo< 2021-10-31Lenovo Thinkpad X13 Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad X13 Gen 1 Firmware
OSLenovo< n2yet31wLenovo Thinkpad X13 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad X13 Gen 2 Firmware
OSLenovo< n35et41w
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2019-18619HIGH7.8ten sam produkt
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...
CVE-2018-16098HIGH7.8ten sam produkt
In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics...
CVE-2017-3767HIGH7.8ten sam produkt
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....
CVE-2023-5078MEDIUM6.7ten sam produkt
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...
CVE-2022-4573MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...