CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. |
1Lenovo 133Ideapad S940 14iwl Firmware Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 moreNov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
1Lenovo 17214iwl Firmware 330 14ast Firmware330 15ast Firmware+169 moreNov 21, 2024 Jun 9, 2020 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. |
1Lenovo 100Thinkpad 11e Firmware Thinkpad 11e Yoga Gen 6 FirmwareThinkpad 13 2nd Gen Firmware+97 moreNov 21, 2024 Jun 9, 2020 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. |