1176 matches found
LXCA and LXCI Insufficient Input Validation - US
Lenovo Security Advisory: LEN-27805 Potential Impact: Information disclosure, code execution Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6179, CVE-2019-6180, CVE-2019-6181, CVE-2019-6182 Summary Description: Vulnerabilities reported in Lenovo XClarity Administrator...
Intel Unite Client Vulnerability - US
Lenovo Security Advisory: LEN-27709 Potential Impact: Denial of service Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0132 Summary Description: A potential security vulnerability in Intel Unite Client may allow denial of service. Mitigation Strategy for Customers what y...
LXCA User Account Names Exposed To Unauthenticated Users Who Can Access the Web User Interface - lu
Lenovo Security Advisory: LEN-16335 Potential Impact: LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3764 Summary Description: A vulnerability was identified in...
Unquoted Service Path Privilege Escalation in ThinkPad Active Protection System - us
Lenovo Security Advisory: LEN-15765 Potential Impact: Privilege Escalation Severity: High Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3756 Summary Description: A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems. An attacker wi...
Row Hammer Privilege Escalation
Lenovo Security Advisory: LEN-2015-009 Potential Impact: Escalation of Privilege Severity: Medium Summary: The Passgate issue aka “Row Hammer” is an inherent design/process limitation in memory for sub 40nm technology such as DDR3/DDR3L/LPDDR2/LPDDR3/GDDR5 that can cause errors in rows of memory...
Intel Ethernet Adapters 800 Series Advisory - Lenovo Support US
No description provided...
System Management Mode (SMM) BIOS Vulnerability in some legacy System x servers - Lenovo Support US
Lenovo Security Advisory: LEN-38625 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8332 Summary Description: A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and...
Lazy FP State Restore - US
Lenovo Security Advisory: LEN-22880 Potential Impact: Information Disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3665 Summary Description: Intel states that system software may utilize the Lazy FP state restore technique to delay the restoring of state until a...
Login information processed by the IMM2 may be exposed to local IMM2 users - us
Lenovo Security Advisory: LEN-14054 Potential Impact: Disclosure of login credentials to user with local privileges Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3744 Summary Description: A risk has been identified in the IMM2 firmware of Lenovo System x servers where...
Credential disclosure in LXCA log files - us
Lenovo Security Advisory: LEN-11635 Potential Impact: Disclosure of credentials to a non-privileged user Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2016-8233 Summary Description: During an internal security review, log files generated by Lenovo XClarity Administrator LXCA...
SMM "Incursion" Attack
Lenovo Security Advisory: LEN-2015-002 Potential Impact: Execute arbitrary code, Bypass Secure Boot, Denial of Service, Escalation of Privilege Severity: Medium Summary: Some BIOS implementations permit unsafe System Management Mode SMM function calls to memory locations outside of System...
Intel BIOS Platform Sample Code Advisory - Lenovo Support US
No description provided...
Intel AMT and Intel ISM Advisory - Lenovo Support US
Lenovo Security Advisory: LEN-41856 Potential Impact: Privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-8758 Summary Description: Intel reported potential security vulnerabilities in Intel Active Management Technology AMT and Intel Standard Manageability...
Intel PROSet/Wireless WiFi Software Vulnerability - NL
Lenovo Security Advisory: LEN-27828 Potential Impact: Denial of service Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0136 Summary Description: A potential security vulnerability in Intel PROSet/Wireless WiFi Software may allow denial of service. Mitigation Strategy for...
Some Lenovo Brand Notebooks Do Not Have BIOS Write Protection Configured - us
Lenovo Security Advisory: LEN-15084 Potential Impact: Attacker with physical or administrative access could flash malicious BIOS code Severity: High Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3754 Summary Description: Some Lenovo brand notebook systems do not have write protections...
Lenovo Accelerator Application Insecure Update Mechanism
Lenovo Security Advisory: LEN-6718 Potential Impact: Remote code execution by an attacker with local network access Severity: High Scope of Impact: Lenovo products described below Summary Description: A vulnerability was identified in the Lenovo Accelerator Application software which could lead t...
Intel Ready Mode Technology Discontinuation - US
Lenovo Security Advisory: LEN-25425 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3698 Summary Description: A potential security vulnerability in the Intel® Ready Mode Technology may allow for escalation of privilege. Intel is not...
Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products - lu
Lenovo Security Advisory: LEN-18236 Potential Impact: A vulnerability in the Service Assistant GUI could allow a remote attacker to perform a privilege escalation. Severity: High Scope of Impact: Lenovo Storage/IBM Storwize CVE Identifier: CVE-2017-1710 Summary Description: A vulnerability in the...
Intel® Ethernet Controller X710/XL710 NVM Denial of Service Vulnerability - us
Lenovo Security Advisory: LEN-12029 Potential Impact: Denial of service to the Ethernet controller Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-8106 Summary Description: A security vulnerability in the Intel® Ethernet Controller X710 and Intel® Ethernet Controller XL710...
Dolby DAX2 API Vulnerability - Lenovo Support US
No description provided...
Intel Thunderbolt Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-31390 Potential Impact: Information disclosure, privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-14630 Summary Description: Intel reported potential security vulnerabilities, requiring physical access and dedicated equipment...
Apache Struts Open Source Framework Remote Code Execution - Lenovo Support US
No description provided...
Local Privilege Escalation or Denial of Service via the Intel® Graphics Driver
Lenovo Security Advisory: LEN-7484 Potential Impact: Local privilege escalation or denial of service Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-5647 Summary Description: Multiple potential vulnerabilities exist in the Intel® Graphics Driver for Microsoft Windows. These...
Intel RAPL Interface Advisory - Lenovo Support US
No description provided...
Intel® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
No description provided...
NVIDIA GeForce Experience - April 2021 Security Bulletin - Lenovo Support US
No description provided...
Intel RAPL Interface Advisory - Lenovo Support US
Lenovo Security Advisory: LEN-41208 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-8694, CVE-2020-8695 Summary Description: Intel reported potential security vulnerabilities in the Intel® Running Average Power Limit RAPL Interface...
AMD Radeon Driver Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-48973 Potential Impact: Denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-12933 Summary Description: AMD reported a potential vulnerability in AMD Radeon graphics drivers that could result in denial of service. Mitigation Strate...
Brocade Fabric OS Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-30367 Potential Impact: Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-16204 Summary Description: Brocade has released software security updates for Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d...
Intel CSME, SPS, and LMS Advisory - Lenovo Support US
No description provided...
Intel AMT Clickjacking Vulnerability - us
Lenovo Security Advisory: LEN-14005 Potential Impact: Information Disclosure Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-5697 Summary Description: Insufficient clickjacking protection in the Web User Interface of Intel® AMT firmware versions before 9.1.40.100,...
USB Enhanced Performance Keyboard
Lenovo Security Advisory: LEN-2015-015 Potential Impact: Escalation of Privilege Severity: Low Summary: Lenovo’s “USB Enhanced Performance Keyboard” software has a known issue where debug code was accidently left in the application. The debug code includes information about which keys on the...
Lenovo Fingerprint Manager and Lenovo Touch Fingerprint Software Privilege Escalation
Mitigation Strategy for Customers what you should do to protect yourself: There are several ways you can protect yourself. Lenovo recommends that you take one of the following steps: • Starting from March 18, 2016, run Lenovo System Update and install the recommended Fingerprint Manager or Lenovo...
Intel Software Guard Extensions (SGX) Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-29482 Potential Impact: Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-14565, CVE-2019-14566 Summary Description: Intel reported a potential security vulnerability in certain libraries provided in the Intel SGX SDK may...
Lenovo Solution Center Vulnerability - US
Lenovo Security Advisory: LEN-27811 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6177 Summary Description: A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files t...
GRUB2 Vulnerability – AKA
No description provided...
Brocade Fibre Channel SAN Privilege Escalation - us
Lenovo Security Advisory: LEN-14794 Potential Impact: Local privilege escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2016-8202 Summary Description: A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS FOS releases earli...
Lenovo Service Bridge Contains Privilege Escalation and Other Vulnerabilities - us
Lenovo Security Advisory: LEN-10149 Potential Impact: Local privilege escalation, cross-site request forgery, insecure connection, possibility to insert a forged code signing certificate Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2016-8228, CVE-2016-8229, CVE-2016-8230,...
Intel Ethernet Linux Driver Advisory - Lenovo Support US
No description provided...
Cloud Networking Operating System (CNOS) Vulnerability - Lenovo Support US
Lenovo Security Advisory: LEN-44423 Potential Impact: Remote code execution Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8349 Summary Description: An internal security review has identified an unauthenticated remote code execution vulnerability in CNOS’ optional REST A...
ThinkPad USB-C Dock Vulnerability - US
Lenovo Security Advisory: LEN-27886 Potential Impact: Denial of Service Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2019-6176 Summary Description: A potential vulnerability reported in ThinkPad USB-C Dock 40A9 Firmware version 3.7.2 may allow a denial of service. ...
Reading Privileged Memory with a Side Channel - Lenovo Support US
No description provided...
Lenovo Ultraslim Wireless Keyboard Keystroke Injection - lu
Lenovo Security Advisory: LEN-7267 Potential Impact: Potential unwanted data input Severity: Medium Scope of Impact: Industry-Wide Summary Description: A vulnerability was identified where an attacker with specialized equipment who is within close physical proximity to a system with the dongle fo...
Intel® Storage NVMe and Rapid Storage Technology (RSTe) - US
Lenovo Security Advisory: LEN-24798 Potential Impact: Privilege escalation Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12131 Summary Description: A potential security vulnerability in the Intel® Storage NVMe and Rapid Storage Technology RSTe driver packs may allow...
Lazy FP State Restore - Lenovo Support US
No description provided...
Industry-wide OSPF routing vulnerability on Lenovo and IBM Networking Switches - us
Lenovo Security Advisory: LEN-14078 Potential Impact: Erasure or alteration of routing tables within a routing domain Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-3752 Summary Description: An industry-wide vulnerability has been identified in the implementation of the...
Lenovo Edge USB Keyboard Driver Local Privilege Escalation - us
Lenovo Security Advisory: LEN-11588 Potential Impact: Escalation of privileges by a local user Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2016-8225 Summary Description: A vulnerability was identified in the Lenovo Edge USB Keyboard driver for Windows 7, 8 and 10 where a...
Lenovo Fingerprint Manager
Lenovo Security Advisory: LEN-2015-017 Potential Impact: Privilege Escalation Severity: Medium Summary: Lenovo Fingerprint Manger has a local privilege escalation vulnerability. This vulnerability cannot be remotely exploited. A local user logged in to the PC could escalate their privileges by...
AMD Radeon Driver Vulnerability - Lenovo Support US
No description provided...
Intel PROSet Wireless WiFi Software Advisory - Lenovo Support US
Lenovo Security Advisory: LEN-36230 Potential Impact: Escalation of privilege or denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0559 Summary Description: Intel reported potential security vulnerabilities in Intel PROSet/Wireless WiFi Software that may all...