During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkpad 11e
HWLenovowszystkie wersjeLenovo Thinkpad 11e Firmware
OSLenovo< n15et78wLenovo Thinkpad 11e Yoga
HWLenovowszystkie wersjeLenovo Thinkpad 11e Yoga Firmware
OSLenovo< n15et78wLenovo Thinkpad Helix
HWLenovowszystkie wersjeLenovo Thinkpad Helix Firmware
OSLenovo< n17eta8wLenovo Thinkpad L560
HWLenovowszystkie wersjeLenovo Thinkpad L560 Firmware
OSLenovo< n1het85wLenovo Thinkpad L570
HWLenovowszystkie wersjeLenovo Thinkpad L570 Firmware
OSLenovo< n1xet65wLenovo Thinkpad P50s
HWLenovowszystkie wersjeLenovo Thinkpad P50s Firmware
OSLenovo< n1ket46wLenovo Thinkpad P51s
HWLenovowszystkie wersjeLenovo Thinkpad P51s Firmware
OSLenovo< n1vet50wLenovo Thinkpad P52s
HWLenovowszystkie wersjeLenovo Thinkpad P52s Firmware
OSLenovo< n27et36wLenovo Thinkpad S540
HWLenovowszystkie wersjeLenovo Thinkpad S540 Firmware
OSLenovo< gpet80wwLenovo Thinkpad T550
HWLenovowszystkie wersjeLenovo Thinkpad T550 Firmware
OSLenovo< n11et50wLenovo Thinkpad T560
HWLenovowszystkie wersjeLenovo Thinkpad T560 Firmware
OSLenovo< n1ket46wLenovo Thinkpad T570
HWLenovowszystkie wersjeLenovo Thinkpad T570 Firmware
OSLenovo< n1vet50wLenovo Thinkpad T580
HWLenovowszystkie wersjeLenovo Thinkpad T580 Firmware
OSLenovo< n27et36wLenovo Thinkpad W540
HWLenovowszystkie wersjeLenovo Thinkpad W540 Firmware
OSLenovo< gnet92wwLenovo Thinkpad W541
HWLenovowszystkie wersjeLenovo Thinkpad W541 Firmware
OSLenovo< gnet92ww
Related vulnerabilities
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...
In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics...
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad ...
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may...