2 matches found
CVE-2018-16090
In System Management Module SMM versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection...
CVE-2018-16090
The CVE-2018-16090 vulnerability affects Lenovo System Management Module (SMM) firmware prior to 1.06, where the certificate creation and parsing logic allows post-authentication command injection. The Lenovo advisory LEN-24374 documents this issue and links it to several SMM-related CVEs; for CV...