A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkagile Hx1021
HWLenovowszystkie wersjeLenovo Thinkagile Hx1021 Firmware
OSLenovo< 3.60_tei386mLenovo Thinkagile Hx1320
HWLenovowszystkie wersjeLenovo Thinkagile Hx1320 Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx1321
HWLenovowszystkie wersjeLenovo Thinkagile Hx1321 Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx1520 R
HWLenovowszystkie wersjeLenovo Thinkagile Hx1520 R Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx1521 R
HWLenovowszystkie wersjeLenovo Thinkagile Hx1521 R Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx2320 E
HWLenovowszystkie wersjeLenovo Thinkagile Hx2320 E Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx2321
HWLenovowszystkie wersjeLenovo Thinkagile Hx2321 Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx2720 E
HWLenovowszystkie wersjeLenovo Thinkagile Hx2720 E Firmware
OSLenovo< 5.20_tei3c8mLenovo Thinkagile Hx3320
HWLenovowszystkie wersjeLenovo Thinkagile Hx3320 Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx3321
HWLenovowszystkie wersjeLenovo Thinkagile Hx3321 Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx3375
HWLenovowszystkie wersjeLenovo Thinkagile Hx3375 Firmware
OSLenovo< 4.10_d8bt38lLenovo Thinkagile Hx3376
HWLenovowszystkie wersjeLenovo Thinkagile Hx3376 Firmware
OSLenovo< 4.10_d8bt38lLenovo Thinkagile Hx3520 G
HWLenovowszystkie wersjeLenovo Thinkagile Hx3520 G Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx3521 G
HWLenovowszystkie wersjeLenovo Thinkagile Hx3521 G Firmware
OSLenovo< 8.40-cdi394nLenovo Thinkagile Hx3720
HWLenovowszystkie wersjeLenovo Thinkagile Hx3720 Firmware
OSLenovo< 5.20_tei3c8m
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoSMemory
Related vulnerabilities
CVE-2021-3849CRITICAL9.8ten sam produkt
An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2...
CVE-2021-3897CRITICAL9.8ten sam produkt
An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controlle...
CVE-2024-2659HIGH7.2ten sam produkt
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user w...
CVE-2023-4606HIGH8.1ten sam produkt
An authenticated XCC user with Read-Only permission can change a different user’s password through a crafted A...
CVE-2023-4607HIGH7.5ten sam produkt
An authenticated XCC user can change permissions for any user through a crafted API command.