fkie_cve-2018-9062
Vulnerability from fkie_nvd
Published
2018-07-19 19:29
Modified
2024-11-21 04:14
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.
References
psirt@lenovo.comhttp://www.securityfocus.com/bid/105387Third Party Advisory, VDB Entry
psirt@lenovo.comhttps://support.lenovo.com/us/en/solutions/LEN-20527Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/105387Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://support.lenovo.com/us/en/solutions/LEN-20527Patch, Vendor Advisory
Impacted products
Vendor Product Version
lenovo e42-80_firmware *
lenovo e42-80 -
lenovo e42-80_isk_firmware *
lenovo e42-80_isk -
lenovo e52-80_firmware *
lenovo e52-80 -
lenovo e52-80_isk_firmware *
lenovo e52-80_isk -
lenovo miix_720-12ikb_firmware *
lenovo miix_720-12ikb -
lenovo v310-14ikb_firmware *
lenovo v310-14ikb -
lenovo v310-14isk_firmware *
lenovo v310-14isk -
lenovo v310-15ikb_firmware *
lenovo v310-15ikb -
lenovo v310-15isk_firmware *
lenovo v310-15isk -
lenovo v510-14ikb_firmware *
lenovo v510-14ikb -
lenovo v510-15ikb_firmware *
lenovo v510-15ikb -
lenovo thinkpad_l380_firmware *
lenovo thinkpad_l380 -
lenovo thinkpad_e480_firmware *
lenovo thinkpad_e480 -
lenovo thinkpad_e580_firmware *
lenovo thinkpad_e580 -
lenovo thinkpad_l480_firmware *
lenovo thinkpad_l480 -
lenovo thinkpad_l580_firmware *
lenovo thinkpad_l580 -
lenovo thinkpad_p51_firmware *
lenovo thinkpad_p51 -
lenovo thinkpad_p51s_firmware *
lenovo thinkpad_p51s -
lenovo thinkpad_p52_firmware *
lenovo thinkpad_p52 -
lenovo thinkpad_p52s_firmware *
lenovo thinkpad_p52s -
lenovo thinkpad_p71_firmware *
lenovo thinkpad_p71 -
lenovo thinkpad_p72_firmware *
lenovo thinkpad_p72 -
lenovo thinkpad_t25_firmware *
lenovo thinkpad_t25 -
lenovo thinkpad_t470_firmware *
lenovo thinkpad_t470 -
lenovo thinkpad_t470p_firmware *
lenovo thinkpad_t470p -
lenovo thinkpad_t470s_firmware *
lenovo thinkpad_t470s -
lenovo thinkpad_t480_firmware *
lenovo thinkpad_t480 -
lenovo thinkpad_t480s_firmware *
lenovo thinkpad_t480s -
lenovo thinkpad_t570_firmware *
lenovo thinkpad_t570 -
lenovo thinkpad_t580_firmware *
lenovo thinkpad_t580 -
lenovo thinkpad_x380_yoga_firmware *
lenovo thinkpad_x380_yoga -
lenovo thinkpad_yoga_11e_firmware *
lenovo thinkpad_yoga_11e -
lenovo thinkpad_yoga_370_firmware *
lenovo thinkpad_yoga_370 -
lenovo thinkpad_s1_firmware *
lenovo thinkpad_s1 -
lenovo thinkpad_x1_carbon_firmware *
lenovo 20hq -
lenovo 20hr -
lenovo thinkpad_x1_carbon_firmware *
lenovo 20k3 -
lenovo 20k4 -
lenovo thinkpad_x1_carbon_firmware *
lenovo 20kg -
lenovo 20kh -
lenovo thinkpad_x1_tablet_firmware *
lenovo 20jb -
lenovo 20jc -
lenovo thinkpad_x1_tablet_firmware *
lenovo 20kj -
lenovo 20kk -
lenovo thinkpad_x1_yoga_firmware *
lenovo 20jd -
lenovo 20je -
lenovo 20jf -
lenovo 20jg -
lenovo thinkpad_x1_yoga_firmware *
lenovo 20ld -
lenovo 20le -
lenovo 20lf -
lenovo 20lg -
lenovo thinkpad_x270_firmware *
lenovo 20hm -
lenovo 20hn -
lenovo 20k5 -
lenovo 20k6 -
lenovo thinkpad_x280_firmware *
lenovo 20ke -
lenovo 20kf -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:e42-80_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA05C26D-BA63-4243-B1F0-64D0B81B263C",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:e42-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8BF8E48C-FAB2-4A60-9B1B-D57037143333",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:e42-80_isk_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B082177B-E618-48AA-A876-F35169A8204B",
                     versionEndExcluding: "0zcn48ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:e42-80_isk:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE3E80E1-B001-4C33-891E-3B57B94BF489",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:e52-80_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB507183-1CF5-442D-99DD-8B11E4CEA0F1",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:e52-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4562F004-C782-4008-BA89-4A1DF8432A53",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:e52-80_isk_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8C6E329-33FC-4953-8477-08E1FE6F514D",
                     versionEndExcluding: "0zcn48ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:e52-80_isk:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C46547B9-B9BD-427F-849E-9AA60A6D9921",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:miix_720-12ikb_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B8719B7-4E7D-45A7-A761-AC8260B24838",
                     versionEndExcluding: "3scn68ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:miix_720-12ikb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0E7697B-53B4-4A2A-B285-0620962A0E4A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v310-14ikb_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DEF7F9-C8CF-478F-A405-216684C417F2",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v310-14ikb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "93959EEF-344E-46A6-B03F-E799F04B3820",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v310-14isk_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D77AD69-9B99-4825-B0AC-2FA5B4A9E14F",
                     versionEndExcluding: "0zcn48ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v310-14isk:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89D0C619-1CD2-40D7-A5A1-891E8C06E699",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v310-15ikb_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A2FF9B6-FC3F-422F-AAC6-C43DF4E17EA8",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v310-15ikb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1857B2B9-C14B-4800-A523-E0A66F8D7158",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v310-15isk_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "59C0C044-0008-42C2-8F6C-916DFDF8F0FC",
                     versionEndExcluding: "0zcn48ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v310-15isk:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33454DBF-03D8-4D37-A569-E46DD66CA837",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v510-14ikb_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A6EBFF6-8036-46EC-8D4A-04AE7FF5BA84",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v510-14ikb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "279A226D-77C3-4232-9F1D-191F8CD71C87",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:v510-15ikb_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48EF123E-6E23-42C7-BBAF-B856023E0798",
                     versionEndExcluding: "2wcn40ww",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:v510-15ikb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "404C585E-A8DD-44B0-94FF-C1F66695197C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l380_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "51CF31BE-7980-4DDE-9E7C-73771F779639",
                     versionEndExcluding: "r0ret28w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l380:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0FFC7C4-2CAF-440A-8ED8-F25EA19F86C1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e480_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7769EB71-4FE8-419D-8632-86B8BB48B425",
                     versionEndExcluding: "r0pet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e480:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F18F059-A701-41EE-B711-46DC7B5A1389",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e580_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7F51481-28D9-453B-A8D8-38B60E3C4575",
                     versionEndExcluding: "r0pet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e580:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E574BA8-65D9-4836-B448-254D613DA86E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l480_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E02770D-C10C-4B77-AE46-CC0DD9E47F1B",
                     versionEndExcluding: "r0qet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l480:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "146462F0-69DA-4583-84C5-E1F2CE27E274",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l580_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6CC588C-19EC-4F45-B168-B954EC1C0123",
                     versionEndExcluding: "r0qet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l580:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3245C2B-CED0-442E-ADE4-240F77D8AEC2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p51_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2457A459-E18C-4763-967E-C10B38B792BC",
                     versionEndExcluding: "n1uet71w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p51:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A724CF4-587A-4475-B27B-ACD99FC3F7E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p51s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F28EFF02-7D35-49BF-A8B7-BE46DFD83764",
                     versionEndExcluding: "n1vet45w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p51s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A84E6D8C-CB5E-4B50-B364-4E8AB4985A57",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p52_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "675AD95D-F706-4486-8099-EAEBB2783BA5",
                     versionEndExcluding: "n2cet28w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p52:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AEFFA8C-6EA1-4DD4-A6C0-9EDCE6A7D5F1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p52s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A84880D-038B-4BFB-9DDC-58D6EA84320F",
                     versionEndExcluding: "n27et27w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p52s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF0A6498-072B-4541-87E5-379ECC36EC77",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p71_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "386BB354-4641-46CF-8CA7-EF5E61B6934F",
                     versionEndExcluding: "n1tet50w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p71:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF50A012-EFAE-485E-AADB-7D0AADEF21AC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p72_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25486478-D9B9-49F8-AFB5-FE8F7FA17196",
                     versionEndExcluding: "n2cet28w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p72:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37552828-D225-4FCD-B762-A099A63E38E5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t25_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E92C8AA-6865-4B75-AB27-3B15898A5447",
                     versionEndExcluding: "n1qet77w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t25:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAADC7F0-22D5-40F0-A4A5-4A94CF798C50",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t470_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA4CAD0C-BF25-4589-ACA5-513551AFD153",
                     versionEndExcluding: "n1qet77w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t470:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6515A024-F5A8-494F-BCB6-0DD2D1CA4EA7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t470p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D1E4E89-5FB7-475B-BAC7-4E5E67F63DC9",
                     versionEndExcluding: "r0fet44w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t470p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8796BA28-2705-4798-A95C-A821BB941A03",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t470s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCB31409-6236-45C2-AD55-EC4DA9A3286D",
                     versionEndExcluding: "n1wet49w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t470s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93959B3-4DE0-4AD3-8242-BF0BB45FABF4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t480_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C32144CF-460C-4EC0-8A3C-B9CAAADDF035",
                     versionEndExcluding: "n24et41w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t480:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "84F55DB9-1677-4E50-A8A6-AFCE2FB1E609",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t480s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D28B7104-764B-4193-8BF0-4C3E51232777",
                     versionEndExcluding: "n22et48w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t480s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3249C664-2699-47D2-B17A-2B1EF24FCB05",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t570_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC2A2539-46BE-474B-BB7C-50E0062A70B3",
                     versionEndExcluding: "n1vet45w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t570:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEC1A912-C9FA-4D12-97A3-1D53B8209314",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t580_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9744EC52-94FA-4F13-8CC4-F3C01AC15D62",
                     versionEndExcluding: "n27et27w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t580:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7D90A3FD-A8FA-43E1-AB52-9F4B0960BDC0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x380_yoga_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7731C753-4123-45DB-93AC-1C21786A0356",
                     versionEndExcluding: "r0set29w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x380_yoga:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5E1704F-6BB6-4B7C-ADE6-720533FB46E4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_yoga_11e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE6B24E3-3D2E-4327-AE00-807161072B0D",
                     versionEndExcluding: "r0vet23w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_yoga_11e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6C2E66F-B45C-4850-8C19-2AD84939173C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_yoga_370_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2E21C20-9B4A-4BF0-B39C-B19676E4C239",
                     versionEndExcluding: "r0het48w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_yoga_370:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "30B0E5C1-5A7B-4310-A4D3-A12E1F059568",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_s1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "436E1C08-C8A3-494C-8884-106DD9C41B24",
                     versionEndExcluding: "r0het48w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_s1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBA5DC9E-8AC7-4A57-979A-09B93FADF461",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D048A80-BD8B-4D77-9966-2AF5188FBCC6",
                     versionEndExcluding: "n1met49w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20hq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16958143-AEBE-4A0D-A2A6-7330C05AC60B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20hr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F013340-CDCD-4205-8695-8855F7C7C682",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08033D9E-EEF7-4E4F-A365-96BF4C0E3C52",
                     versionEndExcluding: "n23et52w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20k3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98B80D38-250A-476A-9EB7-D8A386D8469F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20k4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADA12288-6030-41D5-8617-D968431256DA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D048A80-BD8B-4D77-9966-2AF5188FBCC6",
                     versionEndExcluding: "n1met49w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20kg:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D54E3CC7-2B21-4190-9488-016FA13AF1B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20kh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5CDA5F3-07C4-4507-8378-C434F849EAF7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_tablet_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0C671B3-2CB6-4471-85A2-C527C6A56A85",
                     versionEndExcluding: "n1oet45w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20jb:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E01CC19-2CEB-40A0-B4B2-A05F3CFE985E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20jc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E051EBC5-B15A-4A70-BD46-E39840DE301A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_tablet_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "70C8078B-E311-4DD0-8754-D3A315CEF103",
                     versionEndExcluding: "n1zet69w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20kj:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64B3172B-9A2E-4EB5-B5F3-43FF426511B4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20kk:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "01F3E333-1627-41F5-B7F3-70A0200F411B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5D8EA08-072D-451E-A2C3-0EFB8C2D73C2",
                     versionEndExcluding: "n1net42w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20jd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "145AD235-0823-4159-8D7D-6E762E446DD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20je:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5FCD306-0BD9-48AB-847A-36F4897D1B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20jf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D681426F-FBD5-41A3-8436-88518F3C1AC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20jg:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9459AF00-0ADB-42F5-8782-88DAE38AB4DF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6BFFB84-DA17-4BD1-9E0B-E2C411B6B173",
                     versionEndExcluding: "n25et38w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20ld:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A83C9A-7DB5-4368-9162-CC6EFE4F2902",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20le:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2BC6666-5502-4E12-B82A-4DC30BAEF4D0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20lf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB5FDF39-1B3F-4FE0-B88C-A5FD45593A56",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20lg:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DCC7EA-D22A-4E25-88DA-78DD7A9A6C0D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x270_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "207C89A7-E416-4E27-9473-1CB3580B4C7A",
                     versionEndExcluding: "r0iet53w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20hm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9A03725-A0CC-4E19-8318-099BC402831C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20hn:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BFE971C-AE35-4ACC-80EF-A887B0CE7211",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20k5:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7FEA243-F058-4155-AE94-BD6C1E09DE2B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20k6:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0F98086-34E4-4C99-A214-C7C674F27188",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x280_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "73A8064B-B040-42D1-8C3B-1AC50D0A9118",
                     versionEndExcluding: "n20et33w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:20ke:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8EB31316-AA11-4FBE-821A-F51D83F3AA61",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:lenovo:20kf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A547B8E0-FCAC-426E-BD4A-A1DE16006B67",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.",
      },
      {
         lang: "es",
         value: "En algunos ThinkPads de Lenovo, una región de BIOS no se incluye correctamente en las comprobaciones, lo que permite la inyección de código arbitrario.",
      },
   ],
   id: "CVE-2018-9062",
   lastModified: "2024-11-21T04:14:53.653",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-07-19T19:29:00.607",
   references: [
      {
         source: "psirt@lenovo.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/105387",
      },
      {
         source: "psirt@lenovo.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/solutions/LEN-20527",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/105387",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/solutions/LEN-20527",
      },
   ],
   sourceIdentifier: "psirt@lenovo.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-74",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.