CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. |
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
1Lenovo 392130 14ikb Firmware 130 15ikb Firmware330 14ikb Firmware+389 moreNov 21, 2024 Nov 12, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access. |
1Lenovo 392130 14ikb Firmware 130 15ikb Firmware330 14ikb Firmware+389 moreNov 21, 2024 Nov 12, 2019 N/A· v4 6.4 MEDIUM· v3 4.4 MEDIUM· v2 A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution. |
1Lenovo 392130 14ikb Firmware 130 15ikb Firmware330 14ikb Firmware+389 moreNov 21, 2024 Nov 12, 2019 N/A· v4 6.4 MEDIUM· v3 4.4 MEDIUM· v2 A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution. |