Lucene search
K
LenovoRecent

1170 matches found

Lenovo
Lenovo
added 2018/11/14 1:18 a.m.338 views

AMI Firmware Permits Microcode Downgrade - US

Lenovo Security Advisory: LEN-24239 Potential Impact: Unauthorized microcode downgrade Severity: Medium Scope of Impact: Industry-wide Summary Description: AMI has reported to Lenovo that the BIOS supplied by AMI may allow an attacker to revert the CPU firmware to an older version. Mitigation...

3.4AI score
Exploits0
Lenovo
Lenovo
added 2018/11/14 1:18 a.m.13 views

AMI Firmware Permits Microcode Downgrade - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Lenovo
Lenovo
added 2018/11/13 5:10 p.m.475 views

Intel® PROSet/Wireless WiFi Software Vulnerabilities - US

Lenovo Security Advisory: LEN-24443 Potential Impact: Elevation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Systems with specific versions of Intel® PROSet/Wireless WiFi Software CVE Identifier: CVE-2006-7250, CVE-2007-3108, CVE-2007-4995, CVE-2007-5135...

10CVSS3.7AI score0.99999EPSS
Exploits55
Lenovo
Lenovo
added 2018/11/13 5:10 p.m.67 views

Intel® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US

No description provided...

6.2AI score
Exploits0
Lenovo
Lenovo
added 2018/11/12 2:56 p.m.27 views

Lenovo Smart Assistant Factory Test Mode - Lenovo Support US

No description provided...

6.9CVSS6.4AI score0.00286EPSS
Exploits0
Lenovo
Lenovo
added 2018/10/24 12:22 p.m.1449 views

Reading Privileged Memory with a Side Channel - US

Lenovo Security Advisory: LEN-18282 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels. Severity: High Scope of Impact: Industry-wide CVE Identifier: “Spectre” CVE-2017-5753, CVE-2017-5715 “Meltdown”...

4.7CVSS7.2AI score0.93838EPSS
Exploits13
Lenovo
Lenovo
added 2018/10/24 12:22 p.m.61 views

Reading Privileged Memory with a Side Channel - Lenovo Support US

No description provided...

7.4AI score
Exploits0
Lenovo
Lenovo
added 2018/10/18 11:43 p.m.418 views

System Management Module Vulnerabilities - US

Lenovo Security Advisory: LEN-24374 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9083, CVE-2018-9084, CVE-2018-16089, CVE-2018-16090, CVE-2018-16091, CVE-2018-16092, CVE-2018-16094, CVE-2018-16095, CVE-2018-16096 Summary...

9.3CVSS0.7AI score0.01735EPSS
Exploits0
Lenovo
Lenovo
added 2018/10/18 11:43 p.m.19 views

System Management Module Vulnerabilities - Lenovo Support US

No description provided...

9.3CVSS6.4AI score0.01735EPSS
Exploits0
Lenovo
Lenovo
added 2018/10/16 12:2 p.m.40 views

Intel Software Guard Extensions (SGX) Vulnerabilities - Lenovo Support US

No description provided...

8.8CVSS6.3AI score0.60631EPSS
Exploits2
Lenovo
Lenovo
added 2018/10/08 9:5 p.m.51 views

RSA Keys Generated by Infineon TPMs are Insecure - Lenovo Support US

No description provided...

6.1AI score
Exploits0
Lenovo
Lenovo
added 2018/10/01 7:13 p.m.24 views

Intel CSME / SPS and TXE Vulnerabilities - Lenovo Support US

No description provided...

7.3CVSS5.7AI score0.03303EPSS
Exploits0
Lenovo
Lenovo
added 2018/10/01 7:11 p.m.3 views

Power Management Controller (PMC) Security Vulnerability in Systems using specific Intel® CSME or SPS firmware versions - Lenovo Support US

No description provided...

8.1AI score
Exploits0
Lenovo
Lenovo
added 2018/09/20 8:36 p.m.22 views

BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack - Lenovo Support US

No description provided...

7.2CVSS6.6AI score0.00508EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 6:37 p.m.3 views

Insecure Handling of BIOS and AMT Passwords in Intel Platform Sample Firmware - Lenovo Support US

No description provided...

6.7CVSS6.5AI score0.00293EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 5:37 p.m.531 views

Insecure Handling of BIOS and AMT Passwords in Intel Platform Sample Firmware - US

Lenovo Security Advisory: LEN-23848 Potential Impact: Information disclosure Severity: High Scope of Impact: Industry wide CVE Identifier: CVE-2017-5704 Summary Description: Platform sample firmware supplied by Intel for multiple processor familes, and incorporated by Lenovo into multiple product...

2.1CVSS1.8AI score0.00293EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 5:36 p.m.587 views

BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack - US

Lenovo Security Advisory: LEN-20527 Potential Impact: Elevation of privilege Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-9062, CVE-2018-12169 Summary Description: An attacker with unfettered physical access to a system and the skill to disassemble it, may attach a...

1.9AI score0.00553EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:58 p.m.562 views

Iomega and LenovoEMC NAS Web UI Vulnerabilities - US

Lenovo Security Advisory: LEN-24224 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo specific CVE Indentifier: CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081, CVE-2018-9082 Summary Description:...

1.4AI score0.04079EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:58 p.m.28 views

Iomega and LenovoEMC NAS Web UI Vulnerabilities - Lenovo Support US

No description provided...

9.8CVSS5.9AI score0.04079EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:57 p.m.594 views

Intel CSME / SPS and TXE Vulnerabilities - US

Lenovo Security Advisory: LEN-22810 Potential Impact: Elevation of privilege, information disclosure, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3655, CVE-2018-3657, CVE-2018-3658, CVE-2018-3659, CVE-2018-3616 Summary Description: Intel has disclosed...

3.6CVSS2.1AI score0.03303EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:52 p.m.547 views

Power Management Controller (PMC) Security Vulnerability in Systems using specific Intel® CMSE or SPS firmware versions - US

Lenovo Security Advisory: LEN-22678 Potential Impact: Elevation of Privilege; Information Disclosure Severity: High Scope of Impact: Industry-wide - Systems using specific Intel® Converged Security and Management Engine CSME or Intel® Server Platform Services SPS firmware versions CVE Identifier:...

3.2AI score0.00501EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 3:30 p.m.524 views

BIOS Write Protection Race Condition - US

Lenovo Security Advisory: LEN-20184 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9069 Summary Description: In several consumer notebook models, a race condition in BIOS flash device locking mechanism is not adequately protected...

3.6AI score0.00532EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 3:30 p.m.52 views

BIOS Write Protection Race Condition - Lenovo Support US

No description provided...

7CVSS5.7AI score0.00532EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/13 7:29 p.m.563 views

TPM 2.0 Sleep-Wake Error in BIOS Firmware - US

Lenovo Security Advisory: LEN-20494 Potential Impact: Local security-bypass Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-6622 Summary Description: Lenovo was notified of a potential security bypass vulnerability in BIOS firmware for managing the TPM 2.0 device. If an...

3.2AI score0.00519EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/13 2:41 p.m.43 views

Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US

No description provided...

5.6CVSS7.4AI score0.60631EPSS
Exploits6
Lenovo
Lenovo
added 2018/09/13 11:41 a.m.1095 views

Speculative Execution Side Channel Variants 4 and 3a - US

Lenovo Security Advisory: LEN-22133 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory or registers, circumventing expected privilege levels Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3639, CVE-2018-3640 Summary...

4.9CVSS7AI score0.93838EPSS
Exploits15
Lenovo
Lenovo
added 2018/09/11 3:55 a.m.33 views

Bluetooth Pairing Key Validation - Lenovo Support US

No description provided...

8CVSS7.2AI score0.00802EPSS
Exploits1
Lenovo
Lenovo
added 2018/09/10 10:16 p.m.503 views

Lenovo Replacing Distrusted GeoTrust Certificates With New DigiCert Certificates - US

Lenovo Security Advisory: LEN-24497 Scope of Impact: Industry-wide. Anyone using a GeoTrust certificate will need to update to DigiCert. Major browsers will stop trusting GeoTrust certificates as early as October. Summary Description: Many Lenovo sites use PKI certificates issued by the GeoTrust...

0.5AI score
Exploits0
Lenovo
Lenovo
added 2018/09/10 10:16 p.m.3 views

Lenovo Replacing Distrusted GeoTrust Certificates With New DigiCert Certificates - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Lenovo
Lenovo
added 2018/09/10 9:55 p.m.681 views

Bluetooth Pairing Key Validation - US

Lenovo Security Advisory: LEN-22233 Potential Impact: Information disclosure, elevation of privilege, denial of service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-5383 Summary Description: The Bluetooth Special Interest Group SIG has reported a vulnerability in the...

1.7AI score0.00802EPSS
Exploits1
Lenovo
Lenovo
added 2018/08/30 1:58 p.m.23 views

Whole Disk Encryption with Intel Optane Memory Modules - Lenovo Support US

No description provided...

4.6CVSS4.7AI score0.00216EPSS
Exploits0
Lenovo
Lenovo
added 2018/08/30 12:58 p.m.573 views

Whole Disk Encryption with Intel Optane Memory Modules - US

Lenovo Security Advisory: LEN-22881 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3619 Summary Description: Intel has identified an issue where configuring an Optane memory module before enabling BitLocker whole disk encryption...

2.1CVSS1.8AI score0.00216EPSS
Exploits0
Lenovo
Lenovo
added 2018/08/22 6:58 p.m.723 views

Intel Software Guard Extensions (SGX) Vulnerabilities - US

Lenovo Security Advisory: LEN-21284 Potential Impact: Elevation of privilege, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-5736, CVE-2018-3626, CVE-2018-3639, CVE-2018-3640, CVE-2018-3691 Summary Description: Intel has issued several advisories...

7.2CVSS1.9AI score0.60631EPSS
Exploits2
Lenovo
Lenovo
added 2018/08/16 2:27 p.m.677 views

L1 Terminal Fault Side Channel Vulnerabilities - US

Lenovo Security Advisory: LEN-24163 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 Summary...

5.4CVSS1.2AI score0.08101EPSS
Exploits0
Lenovo
Lenovo
added 2018/08/16 2:27 p.m.54 views

L1 Terminal Fault Side Channel Vulnerabilities - Lenovo Support US

No description provided...

7.3CVSS6.7AI score0.08101EPSS
Exploits0
Lenovo
Lenovo
added 2018/08/10 12:5 p.m.846 views

NVIDIA Graphics Driver Multiple Vulnerabilities (including fixes for Intel Speculative Side Channel Vulnerabilities) - US

Lenovo Security Advisory: LEN-16730 Potential Impact: Denial of service, possible escalation of privilege, exfiltration of privileged memory Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-5753, CVE-2017-6266, CVE-2017-6267, CVE-2017-6268, CVE-2017-6269, CVE-2017-6270,...

7.2CVSS7AI score0.93838EPSS
Exploits9
Lenovo
Lenovo
added 2018/08/10 12:5 p.m.3 views

NVIDIA Graphics Driver Multiple Vulnerabilities (including fixes for Intel Speculative Side Channel Vulnerabilities) - Lenovo Support US

No description provided...

5.8AI score
Exploits0
Lenovo
Lenovo
added 2018/08/07 6:58 p.m.520 views

Securely Configuring LenovoEMC NAS Devices - US

Lenovo Security Advisory: LEN-11575 Potential Impact: Access to stored data if security settings have not been configured Scope of Impact: Lenovo-specific Summary Description: In light of recent work by a security researcher, Lenovo would like to remind owners of older LenovoEMC consumer Network...

6.8AI score
Exploits0
Lenovo
Lenovo
added 2018/07/28 2:32 a.m.681 views

NVIDIA Graphics Driver Multiple Vulnerabilities - US

Lenovo Security Advisory: LEN-20510 Potential Impact: Denial of service, possible escalation of privilege, code execution Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-6247, CVE-2018-6248, CVE-2018-6249, CVE-2018-6250, CVE-2018-6251, CVE-2018-6252, CVE-2018-6253 Summary...

7.2CVSS3.2AI score0.00411EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/28 2:32 a.m.26 views

NVIDIA Graphics Driver Multiple Vulnerabilities - Lenovo Support US

No description provided...

8.8CVSS6.7AI score0.00401EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/26 4:56 p.m.548 views

XClarity Administrator (LXCA) API Vulnerabilities - US

Lenovo Security Advisory: LEN-22168 Potential Impact: Privilege escalation Severity: Critical Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9064, CVE-2018-9065, CVE-2018-9066 Summary Description: A Lenovo internal product security audit has led to the discovery of access control...

1.9AI score0.02244EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/26 4:56 p.m.27 views

TPM 2.0 Sleep-Wake Error in BIOS Firmware - Lenovo Support US

No description provided...

7.1CVSS6.9AI score0.00519EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/26 4:56 p.m.26 views

XClarity Administrator (LXCA) API Vulnerabilities - Lenovo Support US

No description provided...

7.9AI score
Exploits0
Lenovo
Lenovo
added 2018/07/26 4:55 p.m.522 views

Integrated Management Module 2 (IMM2) First Failure Data Capture (FFDC) Information Disclosure - US

Lenovo Security Advisory: LEN-20227 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9068 Summary Description: The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware...

2.4AI score0.01053EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/26 4:55 p.m.3 views

Integrated Management Module 2 (IMM2) First Failure Data Capture (FFDC) Information Disclosure - Lenovo Support US

No description provided...

7.5CVSS7.6AI score0.01053EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/25 11:19 a.m.757 views

Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - US

Lenovo Security Advisory: LEN-17297 Potential Impact: An attacker could load and execute arbitrary code outside the visibility of the user, operating system, and hypervisor/virtualization platform; resulting in exfiltration of secrets, subtle manipulation of system operation, or denial of service...

9CVSS8.2AI score0.04407EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/25 11:19 a.m.24 views

Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - Lenovo Support US

No description provided...

7.4AI score
Exploits0
Lenovo
Lenovo
added 2018/07/19 12:31 p.m.846 views

Bluetooth “BlueBorne” Vulnerabilities - NL

Lenovo Security Advisory: LEN-17125 Potential Impact: Remote code execution Severity: High Scope of Impact: Industry wide CVE Identifier: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785, CVE-2017-8628, CVE-2017-14315, CVE-2017-1000250, CVE-2017-1000251 Summary Description: A collection...

8.3CVSS8.4AI score0.2285EPSS
Exploits28
Lenovo
Lenovo
added 2018/07/17 2:6 p.m.699 views

System firmware Can Be Erased or Corrupted After Boot - US

Lenovo Security Advisory: LEN-16445 Potential Impact: An attacker could manipulate the vulnerability to prevent a system from booting, to cause it to operate in an unusual way, or execute arbitrary code during the system boot sequence. Severity: High Scope of Impact: Industry-wide CVE Identifier:...

3.6CVSS6.5AI score0.00355EPSS
Exploits0
Lenovo
Lenovo
added 2018/07/12 6:20 p.m.25 views

Intel Q1’18 AMT 9.x/10.x/11.x Cumulative Update - Lenovo Support US

No description provided...

6.8AI score
Exploits0
Total number of security vulnerabilities1170