CVE-2018-9085

Published: Nov 16, 2018Modified: Nov 21, 2024

4.9

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.

Affected (29)

Lenovo

3 products

Flex System X240 M4 Firmware

Flex System X440 M4 Firmware

System X3750 M4 Firmware

Ibm

26 products

Bladecenter Hs23 Firmware

Bladecenter Hs23e Firmware

Flex System X220 M4 Firmware

Flex System X222 M4 Firmware

Flex System X240 M4 Firmware

Flex System X280 X6 Firmware

Flex System X440 M4 Firmware

Flex System X480 X6 Firmware

Flex System X880 X6 Firmware

Idataplex Dx360 M4 Firmware

Idataplex Dx360 M4 Water Cooled Firmware

System X3100 M4 Firmware

System X3100 M5 Firmware

System X3250 M4 Firmware

System X3250 M5 Firmware

System X3300 M4 Firmware

System X3500 M4 Firmware

System X3530 M4 Firmware

System X3550 M4 Firmware

System X3630 M4 Firmware

System X3650 M4 Firmware

System X3650 M4 Bd Firmware

System X3650 M4 Hd Firmware

System X3750 M4 Firmware

System X3850 X6 Firmware

System X3950 X6 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Flex System X240 M4 Firmware	Before a3e122b

Running on/with	Platform Versions
Lenovo Flex System X240 M4	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Flex System X440 M4 Firmware	Before cge122b

Running on/with	Platform Versions
Lenovo Flex System X440 M4	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo System X3750 M4 Firmware	Before a5e124b

Running on/with	Platform Versions
Lenovo System X3750 M4	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Bladecenter Hs23 Firmware	Before tke160c

Running on/with	Platform Versions
Ibm Bladecenter	Version hs23

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Bladecenter Hs23e Firmware	Before ahe160c

Running on/with	Platform Versions
Ibm Bladecenter	Version hs23e

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X220 M4 Firmware	Before kse158c

Running on/with	Platform Versions
Ibm Flex System X220	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X222 M4 Firmware	Before cce160c

Running on/with	Platform Versions
Ibm Flex System X222 M4	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X240 M4 Firmware	Before ahe160c

Running on/with	Platform Versions
Ibm Flex System X240 M4	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X280 X6 Firmware	Before n3e132w

Running on/with	Platform Versions
Ibm Flex System X280 X6	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X440 M4 Firmware	Before cne162d

Running on/with	Platform Versions
Ibm Flex System X440 M4	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X480 X6 Firmware	Before n3e132w

Running on/with	Platform Versions
Ibm Flex System X480 X6	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Flex System X880 X6 Firmware	Before n2e130e

Running on/with	Platform Versions
Ibm Flex System X880 X6	All versions

Configuration M

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Idataplex Dx360 M4 Firmware	Before fhe120d

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Idataplex Dx360 M4 Water Cooled Firmware	Before fhe120d

Running on/with	Platform Versions
Ibm Idataplex Dx360 M4	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3100 M4 Firmware	Before jqe184c

Running on/with	Platform Versions
Ibm System X3100 M4	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3100 M5 Firmware	Before j9e134c

Running on/with	Platform Versions
Ibm System X3100 M5	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3250 M4 Firmware	Before jqe184c

Running on/with	Platform Versions
Ibm System X3250 M4	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3250 M5 Firmware	Before jue134c

Running on/with	Platform Versions
Ibm System X3250 M5	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3300 M4 Firmware	Before yae156c

Running on/with	Platform Versions
Ibm System X3300 M4	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3500 M4 Firmware	Before y5e158c

Running on/with	Platform Versions
Ibm System X3500 M4	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3530 M4 Firmware	Before bee164c

Running on/with	Platform Versions
Ibm System X3530 M4	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3550 M4 Firmware	Before d7e166d

Running on/with	Platform Versions
Ibm System X3550 M4	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3630 M4 Firmware	Before vve162c

Running on/with	Platform Versions
Ibm System X3630 M4	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3650 M4 Firmware	Before vve160c

Running on/with	Platform Versions
Ibm System X3650 M4	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3650 M4 Bd Firmware	Before vve160c

Running on/with	Platform Versions
Ibm System X3650 M4 Bd	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3650 M4 Hd Firmware	Before vve160c

Running on/with	Platform Versions
Ibm System X3650 M4 Hd	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3750 M4 Firmware	Before koe160c

Running on/with	Platform Versions
Ibm System X3750 M4	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3850 X6 Firmware	Before a8e128c

Running on/with	Platform Versions
Ibm System X3850 X6	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm System X3950 X6 Firmware	Before bee164c

Running on/with	Platform Versions
Ibm System X3950 X6	All versions

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://support.lenovo.com/us/en/solutions/LEN-24477

Source: psirt@lenovo.com

Vendor Advisory

https://support.lenovo.com/us/en/solutions/LEN-24477

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.