1169 matches found
Lenovo Help Android App Access Control - Lenovo Support US
No description provided...
Lenovo Help Android App Access Control - US
Lenovo Security Advisory: LEN-21561 Potential Impact: Exposure and modification of private app data Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9067 Summary Description: The Lenovo Help Android app had insufficient access control for some functions which, if...
Intel Q1’18 AMT 9.x/10.x/11.x Cumulative Update - US
Lenovo Security Advisory: LEN-21031 Potential Impact: Elevation of Privilege Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3628, CVE-2018-3629, CVE-2018-3632 Summary Description: Intel performed a security review of their Intel® Management Engine ME firmware, and identifi...
Intel® Management Engine 11.x issue - US
Lenovo Security Advisory: LEN-21032 Potential Impact: Elevation of Privilege Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3627 Summary Description: Intel performed a security review of their Intel® Management Engine ME 11.x firmware, and identified a security vulnerabili...
Intel® Management Engine 11.x issue - Lenovo Support US
No description provided...
Synaptics Keyboard & Touchpad Driver Running Arbitrary Code - US
Lenovo Security Advisory: LEN-19151 Potential Impact: Execution diversion – launching arbitrary code within the user’s context Severity: Low Scope of Impact: Industry-wide CVE Identifier: TBD, Summary Description: An attacker who has already obtained access to a user’s account could attach an...
Synaptics Keyboard & Touchpad Driver Running Arbitrary Code - Lenovo Support US
No description provided...
Broadcom WiFi Buffer Overflow Vulnerability - US
Lenovo Security Advisory: LEN-17237 Potential Impact: Arbitrary code execution Severity: Critical Scope of Impact: Industry-wide CVE Identifier: CVE-2017-11120, CVE-2017-11121 Summary Description: Broadcom has issued an advisory for certain Broadcom WiFi controllers used by many computer and devi...
Broadcom WiFi Buffer Overflow Vulnerability - Lenovo Support US
No description provided...
Intel Active Management Technology MEBx Access Control Bypass - US
Lenovo Security Advisory: LEN-19568 Potential Impact: Remote access and control Severity: Critical Scope of Impact: Industry-wide Summary Description: Intel has issued an advisory for Intel vPro Active Management Technology AMT to all system manufacturers. The Intel AMT default configuration has...
Intel Active Management Technology MEBx Access Control Bypass - Lenovo Support US
No description provided...
Lenovo Fingerprint Manager Pro for Windows 7, 8, and 8.1 only (not 10) Insecure Credential Storage - US
Lenovo Security Advisory: LEN-15999 Potential Impact: Local Privilege Escalation Severity: High Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3762 Summary Description: A vulnerability has been identified in Lenovo Fingerprint Manager Pro. Sensitive data stored by Lenovo Fingerprint...
Lenovo Fingerprint Manager Pro for Windows 7, 8, and 8.1 only (not 10) Insecure Credential Storage - Lenovo Support NL
No description provided...
Intel Online Connect NDIS Filter Driver Parameter Corruption - US
Lenovo Security Advisory: LEN-21769 Potential Impact: Denial of service Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3634 Summary Description: Intel has issued an advisory for Intel Online Connect Access to all system manufacturers. The related Intel NDIS filter driver...
Intel Online Connect NDIS Filter Driver Parameter Corruption - Lenovo Support US
No description provided...
RSA Keys Generated by Infineon TPMs are Insecure - US
Lenovo Security Advisory: LEN-15552 Potential Impact: RSA keys generated by the Infineon TPM using certain firmware levels are insecure Severity: Varies; None to High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-15361 Summary Description: A vulnerability was identified in the RSA key...
Buffer Overflow in Lenovo System Update Drive Mapping Utility - Lenovo Support US
No description provided...
Buffer Overflow in Lenovo System Update Drive Mapping Utility - US
Lenovo Security Advisory: LEN-19625 Potential Impact: Buffer overflow resulting in undefined behaviors, such as execution of arbitrary code Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9063 Summary Description: MapDrv C:\Program Files\Lenovo\System Update\mapdrv.exe...
OpenSLP Heap Memory Corruption - US
Lenovo Security Advisory: LEN-18247 Potential Impact: Denial of service, other undefined behavior Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-17833 Summary Description: OpenSLP versions used in several Lenovo products are vulnerable to heap memory corruption, potentiall...
IMM2 Web Service Stack Overflow - NL
Lenovo Security Advisory: LEN-19586 Potential Impact: Stack overflow leading to memory corruption Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2017-3774 Summary Description: A stack overflow vulnerability was discovered within the web administration service in the...
IMM2 Web Service Stack Overflow - Lenovo Support US
Lenovo Security Advisory: LEN-19586 Potential Impact: Stack overflow leading to memory corruption Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2017-3774 Summary Description: A stack overflow vulnerability was discovered within the web administration service in the...
Lenovo Help Mobile App Transmits Information Over HTTP - US
Lenovo Security Advisory: LEN-20475 Potential Impact: Exposure of user-identifiable information Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2017-3776 Summary Description: The Lenovo Help Android app assists users with support for Lenovo devices. This requires transmitting...
Lenovo Help Mobile App Transmits Information Over HTTP - Lenovo Support US
No description provided...
BIOS SMI Handler Input Validation Failures - US
Lenovo Security Advisory: LEN-14695 Potential Impact: Execution of code in System Management Mode by an attacker with local administrative access Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-3753 Summary Description: A vulnerability has been identified in some Lenovo...
BIOS SMI Handler Input Validation Failures - Lenovo Support US
No description provided...
Intel SGX Update and Attestation Key Recovery - Lenovo Support US
No description provided...
Intel SGX Update and Attestation Key Recovery - US
Lenovo Security Advisory: LEN-15184 Potential Impact: Elevation of Privilege / Information Disclosure Severity: High Scope of Impact: Industry Wide CVE Identifier: CVE-2017-5691 Summary Description: Intel has discovered a vulnerability that could impact the security of Intel® Software Guard...
Brocade Fabric OS Vulnerabilities - US
Lenovo Security Advisory: LEN-18214 Potential Impact: Cross-site Scripting, Denial of Service Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-6225, CVE-2017-6227 Summary Description: Brocade issued advisories BSA-2018-525 and BSA-2018-526 related to vulnerabilities in Broca...
Brocade Fabric OS Vulnerabilities - Lenovo Support US
No description provided...
Synaptics Keyboard Driver Unprotected Debug Mode - Lenovo Support US
No description provided...
Synaptics Keyboard Driver Unprotected Debug Mode - us
Synaptics Keyboard Driver Unprotected Debug Mode Lenovo Security Advisory: LEN-18507 Potential Impact: Loss of confidentiality local to system Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2017-17556 Summary Description: A researcher discovered a vulnerability in Synaptics...
NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler - us
Lenovo Security Advisory: LEN-15854 Potential Impact: Denial of Service or Privilege Escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-6251, CVE-2017-6252, CVE-2017-6253, CVE-2017-6254, CVE-2017-6255, CVE-2017-6256, CVE-2017-6257, CVE-2017-6258, CVE-2017-6259,...
NVIDIA GPU display driver contains multiple vulnerabilities in the kernel mode layer handler - Lenovo Support US
No description provided...
NVIDIA GPU Display driver contains multiple vulnerabilities in the kernel mode layer handler - us
Lenovo Security Advisory: LEN-14587 Potential Impact: Denial of service or privilege escalation Severity: High Scope of Impact: Industry-Wide CVE Identifiers: CVE-2017-0341, CVE-2017-0342, CVE-2017-0343, CVE-2017-0344, CVE-2017-0345, CVE-2017-0346, CVE-2017-0347, CVE-2017-0348, CVE-2017-0349,...
NVIDIA GPU Display driver contains multiple vulnerabilities in the kernel mode layer handler - Lenovo Support US
No description provided...
Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - Lenovo Support US
No description provided...
Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - US
Lenovo Security Advisory: LEN-16095 Potential Impact: An attacker could gain access to the switch management interface, permitting settings changes that could result in exposing traffic passing through the switch, subtle malfunctions in the attached infrastructure, and partial or complete denial ...
Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - us
Lenovo Security Advisory: LEN-14963 Potential Impact: Remote or local exploitation of manageability features leading to unprivileged system access Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-5689 Summary Description: Intel manageability SKUs AMT, ISM, and SBT have a...
Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - Lenovo Support US
No description provided...
USB provisioning may be allowed when Intel AMT is disabled
Lenovo Security Advisory: LEN-3556 Potential Impact: Unwanted local AMT provisioning of system Severity: Medium Summary: Some systems with Intel’s AMT technology which is installed on many PCs across vendors may be able to be provisioned by someone with physical access to the system via a special...
USB provisioning may be allowed when Intel AMT is disabled - Lenovo Support US
No description provided...
IMM2 Denial of Service Attack by an Unprivileged User - Lenovo Support NL
No description provided...
IMM2 Denial of Service Attack by an Unprivileged User - NL
Lenovo Security Advisory: LEN-14450 Potential Impact: Denial of Service Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3768 Summary Description: A vulnerability was discovered in the Integrated Management Module 2 IMM2 used in some Lenovo servers where an unprivileged...
Local Privilege Escalation in Realtek Audio Driver - us
Lenovo Security Advisory: LEN-15759 Potential Impact: Local Privilege Escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-3767 Summary Description: A local privilege escalation vulnerability was identified in the Realtek audio driver. An attacker with local privilege...
Privilege Escalation in Dolby DAX2API Service - us
Lenovo Security Advisory: LEN-12704 Potential Impact: Local privilege escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-7293 Summary Description: A privilege escalation vulnerability has been discovered in Dolby’s DAX2API service where a local user can run arbitrar...
Local Privilege Escalation in Realtek Audio Driver - Lenovo Support US
No description provided...
Privilege Escalation in Dolby DAX2API Service - Lenovo Support US
No description provided...
Lenovo XClarity Controller (XCC) Risk of Low Entropy - us
Lenovo Security Advisory: LEN-17904 Potential Impact: An attacker could eavesdrop on encrypted SSH or https-based systems management communications web UI, Redfish, CIM with the server’s XClarity Controller, or spoof the XCC and thereby capture user access credentials for the XCC. The XCC is also...
Lenovo XClarity Controller (XCC) Risk of Low Entropy - Lenovo Support US
No description provided...
Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products - Lenovo Support NL
No description provided...