Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLenovoCVELIST:CVE-2018-16089
HistoryNov 27, 2018 - 2:00 p.m.

CVE-2018-16089 System Management Module Vulnerabilities

2018-11-2714:00:00
lenovo
www.cve.org
1

EPSS

0.001

Percentile

45.2%

JSON

In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.

CNA Affected

[
  {
    "product": "ThinkSystem SMM",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThan": "1.06",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
lenovo 2
prion
prion
Command injection
2018-11-27 14:29:00
nvd
nvd
CVE-2018-16089
2018-11-27 14:29:00
cve
cve
CVE-2018-16089
2018-11-27 14:29:00
lenovo
lenovo
System Management Module Vulnerabilities - US
2018-10-18 23:43:36
System Management Module Vulnerabilities - Lenovo Support US
2018-10-18 23:43:36

EPSS

0.001

Percentile

45.2%

JSON
Related for CVELIST:CVE-2018-16089
prion1nvd1cve1lenovo2