20k5 Security Vulnerabilities

CVE-2019-6171

A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller with unsigned...

CVE-2018-9062

In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary...