Lucene search
+L

23 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-27091

Malware in sbrugna...

9.8CVSS9.2AI score0.01252EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 8:11 p.m.14 views

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS7.9AI score0.01245EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 8:9 p.m.9 views

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS7.9AI score0.01252EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.00665EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2024/05/20 12:0 a.m.10 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, allow attackers to gain unauthorized access to protected information.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming software of Lenovo’s storage systems such as ThinkSystem, ThinkAgile, NeXtScale, as well as Lenovo CP-CB-10 laptops, is related to the absence of authentication for critical...

7.8CVSS5.6AI score0.0053EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2024/05/20 12:0 a.m.7 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2024/05/20 12:0 a.m.8 views

The vulnerabilities of the System Management Module (SMM/SMM2) and the Fan Power Controller (FPC) in the microprogramming software for Lenovo ThinkSystem, ThinkAgile, NeXtScale storage systems, as well as Lenovo CP-CB-10 laptops, allow attackers to execute arbitrary commands.

The vulnerability of the System Management Module SMM/SMM2 and the Fan Power Controller FPC in the microprogramming operating systems of Lenovo’s ThinkSystem, ThinkAgile, NeXtScale storage systems, and Lenovo CP-CB-10 laptops exists due to the failure to take measures to neutralize the special...

9CVSS5.9AI score0.01131EPSS
Exploits0References3
lenovo
lenovo
added 2024/04/09 6:40 p.m.2 views

System Management Module (SMM v1 and v2) and Fan Power Controller (FPC) Vulnerabilities - Lenovo Support US

No description provided...

7.3AI score
Exploits0
ptsecurity
ptsecurity
added 2024/04/09 12:0 a.m.12 views

PT-2024-3581 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified SMM/SMM2 and FPC affected versions not specified Description: A command injection issue was identified in the System Management Module SMM/SMM2 and...

9CVSS8.2AI score0.01131EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2024/04/09 12:0 a.m.18 views

PT-2024-3582 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the System Management Module SMM/SMM2 and Fan Power Controller FPC...

7.8CVSS7.4AI score0.0053EPSS
Exploits0References8
attackerkb
attackerkb
added 2022/04/22 9:15 p.m.4 views

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS7.4AI score0.01245EPSS
Exploits0References2
osv
osv
added 2022/04/22 9:15 p.m.4 views

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS5.9AI score0.01245EPSS
Exploits0References1
osv
osv
added 2022/04/22 9:15 p.m.4 views

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS5.9AI score0.01252EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/04/22 9:15 p.m.3 views

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

9.8CVSS7.4AI score0.01252EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/04/22 12:0 a.m.7 views

PT-2022-10823 · Lenovo · Lenovo System Management Module +1

Name of the Vulnerable Software and Affected Versions: Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware affected versions not specified SMM2 is not affected. Description: An authentication bypass issue was discovered in an internal service of the Lenovo Fan Power...

9.8CVSS9.7AI score0.01245EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/12/14 12:0 a.m.5 views

Lenovo Fan Power Controller2 授权问题漏洞

Lenovo Fan Power Controller2 Lenovo Fpc2 is a fan power controller firmware from Lenovo China. A security vulnerability exists in the internal services of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute...

9.8CVSS8.5AI score0.01245EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/12/14 12:0 a.m.5 views

Lenovo Fan Power Controller2和Lenovo System Management Module 授权问题漏洞

Lenovo Fan Power Controller2 Lenovo Fpc2 and Lenovo System Management Module Lenovo Smm are both products of the Chinese company Lenovo.Lenovo Fan Power Controller2 is a fan power controller firmware. Lenovo System Management Module is a system management module firmware. A security vulnerability...

9.8CVSS8.5AI score0.01252EPSS
Exploits0References3
ibm
ibm
added 2019/12/20 8:47 a.m.20 views

Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2019-1559)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one the...

5.9CVSS0.7AI score0.17139EPSS
Exploits0
ibm
ibm
added 2019/04/17 4:0 p.m.39 views

Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2018-0734)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0734 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm...

5.9CVSS0.6AI score0.12154EPSS
Exploits0Affected Software1
ibm
ibm
added 2019/01/31 2:40 a.m.40 views

Security Bulletin: Vulnerability in OpenSSL affects IBM NeXtScale Fan Power Controller (FPC) (CVE-2017-3735)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2017-3735 Description: OpenSSL could all...

5.3CVSS5.8AI score0.17699EPSS
Exploits0
Rows per page
Query Builder