Search criteria
2 vulnerabilities found for some Lenovo ThinkPads by Lenovo Group Ltd.
CVE-2018-9062 (GCVE-0-2018-9062)
Vulnerability from cvelistv5 – Published: 2018-07-19 19:00 – Updated: 2024-08-05 07:10
VLAI?
Title
BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack
Summary
In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo Group Ltd. | some Lenovo ThinkPads |
Affected:
various
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "some Lenovo ThinkPads",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2018-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-26T09:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "105387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
],
"source": {
"advisory": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"discovery": "EXTERNAL"
},
"title": "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2018-9062",
"STATE": "PUBLIC",
"TITLE": "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "some Lenovo ThinkPads",
"version": {
"version_data": [
{
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105387"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
]
},
"source": {
"advisory": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9062",
"datePublished": "2018-07-19T19:00:00",
"dateReserved": "2018-03-27T00:00:00",
"dateUpdated": "2024-08-05T07:10:47.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9062 (GCVE-0-2018-9062)
Vulnerability from nvd – Published: 2018-07-19 19:00 – Updated: 2024-08-05 07:10
VLAI?
Title
BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack
Summary
In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo Group Ltd. | some Lenovo ThinkPads |
Affected:
various
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "some Lenovo ThinkPads",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2018-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-26T09:57:01",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "105387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
],
"source": {
"advisory": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"discovery": "EXTERNAL"
},
"title": "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2018-9062",
"STATE": "PUBLIC",
"TITLE": "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "some Lenovo ThinkPads",
"version": {
"version_data": [
{
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105387"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
}
]
},
"source": {
"advisory": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9062",
"datePublished": "2018-07-19T19:00:00",
"dateReserved": "2018-03-27T00:00:00",
"dateUpdated": "2024-08-05T07:10:47.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}