Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
lenovoLenovoLENOVO:PS500192-NOSID
HistoryNov 14, 2018 - 2:28 a.m.

Missing System x Flash Memory Write Protection Lock Bit - US

2018-11-1402:28:32
support.lenovo.com
335

0.001 Low

EPSS

Percentile

19.9%

JSON

Lenovo Security Advisory: LEN-24477

Potential Impact: Denial of service

Severity: High

Scope of Impact: Lenovo-specific

CVE Identifier: CVE-2018-9085

Summary Description:

A write protection lock bit was left unset after boot on an older generation of System x server, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors. Other system firmware remains protected and unmodifiable, such as UEFI (BIOS) or IMM2.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update UEFI to the version (or newer) described for your model in the product impact section below.

Product Impact:

Related

prion 1
cvelist 1
lenovo 1
nvd 1
ibm 1
cve 1
prion
prion
Design/Logic Flaw
2018-11-16 14:29:00
cvelist
cvelist
CVE-2018-9085 Missing System x Flash Memory Write Protection Lock Bit
2018-11-16 14:00:00
lenovo
lenovo
Missing System x Flash Memory Write Protection Lock Bit - Lenovo Support US
2018-11-14 02:28:32
nvd
nvd
CVE-2018-9085
2018-11-16 14:29:00
ibm
ibm
Security Bulletin: Denial of service vulnerability affects IBM Unified Extensible Firmware Interface (CVE-2018-9085)
2023-12-07 22:45:03
cve
cve
CVE-2018-9085
2018-11-16 14:29:00

0.001 Low

EPSS

Percentile

19.9%

JSON
Related for LENOVO:PS500192-NOSID
prion1cvelist1lenovo1nvd1ibm1cve1