CVE-2016-8224
4.4
Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 0.8 / Impact: 3.6
Source: NVD
Description
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.
Affected (29)
Products: Lenovo: Bios, Notebook 110 14ibr Bios, Notebook 110 15ibr Bios, Notebook B70 80 Bios, Notebook E31 80 Bios, Notebook E40 80 Bios, Notebook E41 80 Bios, Notebook E51 80 Bios, Notebook G40 80 Bios, Notebook G50 80 Bios, Notebook G50 80 Touch Bios, Notebook Ideapad 300 14ibr Bios, Notebook Ideapad 300 14isk Bios, Notebook Ideapad 300 15ibr Bios, Notebook Ideapad 300 15isk Bios, Notebook Ideapad 300 17isk Bios, Notebook Ideapad 510s 12isk Bios, Notebook K21 80 Bios, Notebook K41 80 Bios, Notebook Miix 710 12ikb Bios, Notebook Xiaoxin Air 12 Bios, Notebook Yoga 510 14isk Bios, Notebook Yoga 510 15isk Bios, Notebook Yoga 710 11ikb Bios, Notebook Yoga 710 11isk Bios, Notebook Yoga 900 13isk Bios, Notebook Yoga 900s 12isk Bios, Thinkserver Ts150 Bios, Thinkserver Ts450 Bios
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
| Running on/with | Platform Versions |
|---|---|
Lenovo Notebook 110 14ibr | All versions |
Lenovo Notebook 110 15ibr | All versions |
Lenovo Notebook B70 80 | All versions |
Lenovo Notebook E31 80 | All versions |
Lenovo Notebook E40 80 | All versions |
Lenovo Notebook E41 80 | All versions |
Lenovo Notebook E51 80 | All versions |
Lenovo Notebook G40 80 | All versions |
Lenovo Notebook G50 80 | All versions |
Lenovo Notebook G50 80 Touch | All versions |
Lenovo Notebook Ideapad 300 14ibr | All versions |
Lenovo Notebook Ideapad 300 14isk | All versions |
Lenovo Notebook Ideapad 300 15ibr | All versions |
Lenovo Notebook Ideapad 300 15isk | All versions |
Lenovo Notebook Ideapad 300 17isk | All versions |
Lenovo Notebook Ideapad 510s 12isk | All versions |
Lenovo Notebook K21 80 | All versions |
Lenovo Notebook K41 80 | All versions |
Lenovo Notebook Miix 710 12ikb | All versions |
Lenovo Notebook Xiaoxin Air 12 | All versions |
Lenovo Notebook Yoga 510 14isk | All versions |
Lenovo Notebook Yoga 510 15isk | All versions |
Lenovo Notebook Yoga 710 11ikb | All versions |
Lenovo Notebook Yoga 710 11isk | All versions |
Lenovo Notebook Yoga 900 13isk | All versions |
Lenovo Notebook Yoga 900s 12isk | All versions |
Lenovo Thinkserver Ts150 | All versions |
Lenovo Thinkserver Ts450 | All versions |
Related CWEs
References (4)
Source: psirt@lenovo.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.