Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo system management module firmware vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-3849
An authentication bypass vulnerability exists in the web interface of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware that could allow an unauthenticated malicious user to execute commands on the SMM and FPC2. SMM2 is not affected.
Lenovo Nextscale N1200 Enclosure Firmware
Lenovo Thinkagile Hx Enclosure Certified Node Firmware
Lenovo Thinkagile Vx Enclosure Firmware
Lenovo Thinksystem D2 Enclosure Firmware
Ibm Nextscale Fan Power Controller Firmware
9.8
CVSSv3
CVE-2021-3897
An authentication bypass vulnerability exists in an internal service of the Lenovo Fan Power Controller2 (FPC2) and Lenovo System Management Module (SMM) firmware during an that could allow an unauthenticated malicious user to execute commands on the SMM and FPC2. SMM2 is not aff...
Lenovo Nextscale N1200 Enclosure Firmware
Lenovo Thinkagile Hx Enclosure Certified Node Firmware
Lenovo Thinkagile Vx Enclosure Firmware
Lenovo Thinksystem D2 Enclosure Firmware
Ibm Nextscale Fan Power Controller Firmware
7.5
CVSSv3
CVE-2019-6157
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key in the generated log file for support.
Lenovo Flex System X240 M4 Firmware
Lenovo Flex System X240 M5 Firmware
Lenovo Flex System X280 X6 Firmware
Lenovo Flex System X440 M4 Firmware
Lenovo Flex System X480 X6 Firmware
Lenovo Flex System X880 Firmware
Lenovo Nextscale Nx360 M5 Firmware
Lenovo System X3250 M6 Firmware
Lenovo System X3500 M5 Firmware
Lenovo System X3550 M5 Firmware
Lenovo System X3650 M5 Firmware
Lenovo System X3750 M4 Firmware
Lenovo System X3850 X6 Firmware
Lenovo System X3950 X6 Firmware
Ibm Bladecenter Hs22 Firmware
Ibm Bladecenter Hs23 Firmware
Ibm Bladecenter Hs23e Firmware
Ibm Flex System X220 M4 Firmware
Ibm Flex System X222 M4 Firmware
Ibm Flex System X240 M4 Firmware
Ibm Flex System X280 M4 Firmware
Ibm Flex System X440 M4 Firmware
7.5
CVSSv3
CVE-2018-16089
In System Management Module (SMM) versions before 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
Lenovo System Management Module Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started