CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. | 5.5 |
Moyen |
||
A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS. | 4.6 |
Moyen |
||
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. | 6.7 |
Moyen |
||
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. | 6.7 |
Moyen |
||
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | 6.8 |
Moyen |
||
In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code. | 6.8 |
Moyen |