CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Lenovo 30Thinkpad 11e Firmware Thinkpad 11e Yoga FirmwareThinkpad Helix Firmware+27 moreNov 21, 2024 Apr 22, 2022 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privil...Show more |
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. |
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
1Lenovo 21730s 13iml Firmware Ideacentre Aio 5 24imb05 FirmwareIdeacentre Aio 5 74imb05 Firmware+18 moreNov 21, 2024 Jul 16, 2021 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage. |