EUVD-2021-27091

Malware in sbrugna...

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

System Management Module (SMM v1 and v2) and Fan Power Controller (FPC) Vulnerabilities - Lenovo Support US

No description provided...

PT-2024-3581 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified SMM/SMM2 and FPC affected versions not specified Description: A command injection issue was identified in the System Management Module SMM/SMM2 and...

PT-2024-3582 · Lenovo · Thinkagile +3

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkSystem, ThinkAgile, NeXtScale, and Lenovo CP-CB-10 affected versions not specified Description: The issue is related to an authentication bypass vulnerability in the System Management Module SMM/SMM2 and Fan Power Controller FPC...

CVE-2021-3897

An authentication bypass vulnerability was discovered in an internal service of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware during an that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

CVE-2021-3849

An authentication bypass vulnerability was discovered in the web interface of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute commands on the SMM and FPC2. SMM2 is not affected...

PT-2022-10823 · Lenovo · Lenovo System Management Module +1

Name of the Vulnerable Software and Affected Versions: Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware affected versions not specified SMM2 is not affected. Description: An authentication bypass issue was discovered in an internal service of the Lenovo Fan Power...

Lenovo Fan Power Controller2和Lenovo System Management Module 授权问题漏洞

Lenovo Fan Power Controller2 Lenovo Fpc2 and Lenovo System Management Module Lenovo Smm are both products of the Chinese company Lenovo.Lenovo Fan Power Controller2 is a fan power controller firmware. Lenovo System Management Module is a system management module firmware. A security vulnerability...

Lenovo Fan Power Controller2 授权问题漏洞

Lenovo Fan Power Controller2 Lenovo Fpc2 is a fan power controller firmware from Lenovo China. A security vulnerability exists in the internal services of the Lenovo Fan Power Controller2 FPC2 and Lenovo System Management Module SMM firmware that could allow an unauthenticated attacker to execute...

Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2019-1559)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one the...

Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerability in OpenSSL (CVE-2018-0734)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2018-0734 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing side channel attack in the DSA signature algorithm...

Security Bulletin: Vulnerability in OpenSSL affects IBM NeXtScale Fan Power Controller (FPC) (CVE-2017-3735)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerability in OpenSSL. Vulnerability Details CVEID: CVE-2017-3735 Description: OpenSSL could all...

Security Bulletin: Vulnerabilities in OpenSSL affect NeXtScale n1200 Enclosure Fan Power Controller (FPC) (CVE-2014-3567)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Fan Power Controller. Fan Power Controller has addressed the applicable CVEs and included the SSL 3.0 Fallback protection...

Security Bulletin: OpenSSL vulnerabilties affect IBM NeXtScale Fan Power Controller (FPC)

Summary IBM NeXtScale Fan Power Controller FPC has addressed the following vulnerabilities in OpenSSL. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could...

OpenSLP Memory Corruption Vulnerability

Lenovo ThinkServer RD350G, etc. are products of Lenovo China.Lenovo ThinkServer RD350G, RD350X, RD450X, and HR650 are rackmount servers; N3310, N4610 are NAS storage devices; Fan Power Controller FPC is a fan speed controller.OpenSLP Service Location Protocol is an IETF standard protocol develope...