Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2018-9085

🗓️ 16 Nov 2018 14:00:00Reported by lenovoType 
cve
 cve🔗 web.nvd.nist.gov👁 56 Views

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors

Related
Detection
Affected
Refs
NVD
Vulners
Node
lenovoflex_system_x240_m4_firmwareRange<a3e122b
AND
lenovoflex_system_x240_m4Match-
Node
lenovoflex_system_x440_m4_firmwareRange<cge122b
AND
lenovoflex_system_x440_m4Match-
Node
lenovosystem_x3750_m4_firmwareRange<a5e124b
AND
lenovosystem_x3750_m4Match-
Node
ibmbladecenter_hs23_firmwareRange<tke160c
AND
ibmbladecenterMatchhs23-
Node
ibmbladecenter_hs23e_firmwareRange<ahe160c
AND
ibmbladecenterMatchhs23e-
Node
ibmflex_system_x220_m4_firmwareRange<kse158c
AND
ibmflex_system_x220Match-
Node
ibmflex_system_x222_m4_firmwareRange<cce160c
AND
ibmflex_system_x222_m4Match-
Node
ibmflex_system_x240_m4_firmwareRange<ahe160c
AND
ibmflex_system_x240_m4Match-
Node
ibmflex_system_x280_x6_firmwareRange<n3e132w
AND
ibmflex_system_x280_x6Match-
Node
ibmflex_system_x440_m4_firmwareRange<cne162d
AND
ibmflex_system_x440_m4Match-
Node
ibmflex_system_x480_x6_firmwareRange<n3e132w
AND
ibmflex_system_x480_x6Match-
Node
ibmflex_system_x880_x6_firmwareRange<n2e130e
AND
ibmflex_system_x880_x6Match-
Node
ibmidataplex_dx360_m4_firmwareRange<fhe120d
AND
ibmidataplex_dx360_m4_Match-
Node
ibmidataplex_dx360_m4_water_cooled_firmwareRange<fhe120d
AND
ibmidataplex_dx360_m4_Match-
Node
ibmsystem_x3100_m4_firmwareRange<jqe184c
AND
ibmsystem_x3100_m4
Node
ibmsystem_x3100_m5_firmwareRange<j9e134c
AND
ibmsystem_x3100_m5
Node
ibmsystem_x3250_m4_firmwareRange<jqe184c
AND
ibmsystem_x3250_m4
Node
ibmsystem_x3250_m5_firmwareRange<jue134c
AND
ibmsystem_x3250_m5
Node
ibmsystem_x3300_m4_firmwareRange<yae156c
AND
ibmsystem_x3300_m4
Node
ibmsystem_x3500_m4_firmwareRange<y5e158c
AND
ibmsystem_x3500_m4
Node
ibmsystem_x3530_m4_firmwareRange<bee164c
AND
ibmsystem_x3530_m4
Node
ibmsystem_x3550_m4_firmwareRange<d7e166d
AND
ibmsystem_x3550_m4
Node
ibmsystem_x3630_m4_firmwareRange<vve162c
AND
ibmsystem_x3630_m4
Node
ibmsystem_x3650_m4_firmwareRange<vve160c
AND
ibmsystem_x3650_m4
Node
ibmsystem_x3650_m4_bd_firmwareRange<vve160c
AND
ibmsystem_x3650_m4_bd
Node
ibmsystem_x3650_m4_hd_firmwareRange<vve160c
AND
ibmsystem_x3650_m4_hd
Node
ibmsystem_x3750_m4_firmwareRange<koe160c
AND
ibmsystem_x3750_m4
Node
ibmsystem_x3850_x6_firmwareRange<a8e128c
AND
ibmsystem_x3850_x6
Node
ibmsystem_x3950_x6_firmwareRange<bee164c
AND
ibmsystem_x3950_x6
[
  {
    "product": "System x UEFI",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThan": "varies",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "System x UEFI",
    "vendor": "IBM",
    "versions": [
      {
        "lessThan": "varies",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 04:14Current
4.8Medium risk
Vulners AI Score4.8
CVSS 24
CVSS 34.9
EPSS0.00137
CWE-276
securitylenovoibmsystem xserversintelspsflash memorycve-2018-9085
56