A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HLenovo Thinkpad 11e 3rd Gen
HWLenovowszystkie wersjeLenovo Thinkpad 11e 3rd Gen Firmware
OSLenovo≤ 1.22≤ 1.29Lenovo Thinkpad 11e 4th Gen Celeron
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen Celeron Firmware
OSLenovo≤ 1.27Lenovo Thinkpad 11e 4th Gen I3
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I3 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 4th Gen I5
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I5 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 4th Gen I7
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I7 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 5th Gen
HWLenovowszystkie wersjeLenovo Thinkpad 11e 5th Gen Firmware
OSLenovo≤ 1.13Lenovo Thinkpad 11e Yoga Gen 6
HWLenovowszystkie wersjeLenovo Thinkpad 11e Yoga Gen 6 Firmware
OSLenovo≤ 1.12Lenovo Thinkpad 13 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad 13 Gen 2 Firmware
OSLenovo≤ 1.29Lenovo Thinkpad E490
HWLenovowszystkie wersjeLenovo Thinkpad E490 Firmware
OSLenovo≤ 1.30Lenovo Thinkpad E490s
HWLenovowszystkie wersjeLenovo Thinkpad E490s Firmware
OSLenovo≤ 1.30Lenovo Thinkpad E590
HWLenovowszystkie wersjeLenovo Thinkpad E590 Firmware
OSLenovo≤ 1.30Lenovo Thinkpad L13
HWLenovowszystkie wersjeLenovo Thinkpad L13 Firmware
OSLenovo≤ 1.31Lenovo Thinkpad L13 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad L13 Gen 2 Firmware
OSLenovo≤ 1.11≤ 1.08Lenovo Thinkpad L13 Yoga
HWLenovowszystkie wersjeLenovo Thinkpad L13 Yoga Firmware
OSLenovo≤ 1.31Lenovo Thinkpad L13 Yoga Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad L13 Yoga Gen 2 Firmware
OSLenovo≤ 1.11≤ 1.08
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
Related vulnerabilities
CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...
CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...