Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lenovo thinkserver firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3322
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers prior to 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows malicious users to decrypt the passwords via unspecified vectors.
Lenovo Thinkserver Rd650 Firmware
Lenovo Thinkserver Rd650
Lenovo Thinkserver Td350 Firmware
Lenovo Thinkserver Td350
Lenovo Thinkserver Rd350 Firmware
Lenovo Thinkserver Rd350
Lenovo Thinkserver Rd550 Firmware
Lenovo Thinkserver Rd550
Lenovo Thinkserver Rd450 Firmware
Lenovo Thinkserver Rd450
7.2
CVSSv3
CVE-2018-9086
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
Lenovo Thinkserver Rd340 Firmware
Lenovo Thinkserver Rd440 Firmware
Lenovo Thinkserver Rd640 Firmware
Lenovo Thinkserver Td340 Firmware
7.5
CVSSv3
CVE-2016-8236
Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77.
Lenovo Thinkserver Firmware
6.8
CVSSv3
CVE-2017-3753
A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run special...
Lenovo Ideacentre 300-20ish Firmware -
Lenovo Ideacentre 300s-11ish Firmware -
Lenovo Ideacentre 510s-08ish Firmware -
Lenovo Ideacentre 700 Firmware -
Lenovo 63 Firmware Fckt78a
Lenovo H50-30g Firmware Fckt78a
Lenovo M4500 Firmware Fckt78a
Lenovo M4500 Id Firmware Fckt78a
Lenovo M4550 Id Firmware Fckt78a
Lenovo S500 Firmware M0kkt24a
Lenovo V320-15iap Firmware -
Lenovo Thinkcentre E73 Firmware Fckt78a
Lenovo Thinkcentre E73s Firmware Fckt78a
Lenovo Thinkcentre E74 Firmware M05kt54a
Lenovo Thinkcentre E74s Firmware M05kt54a
Lenovo Thinkcentre E75 T/s Firmware -
Lenovo Thinkcentre E79 Firmware M0lkt12a
Lenovo Thinkcentre E93 Firmware Fbktc5a
Lenovo Thinkcentre M4500k Firmware Fckt78a
Lenovo Thinkcentre M4500q Firmware Fhkt66a
Lenovo Thinkcentre M4500t/s Firmware Fckt78a
Lenovo Thinkcentre M4600t/s Firmware M05kt54a
NA
CVE-2015-3323
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote malicious users to cause a denial of service (web interface crash) via a malformed HTTP request during authenticatio...
Lenovo Thinkserver System Manager Baseboard Management Controller Firmware
5.9
CVSSv3
CVE-2016-8106
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote malicious user to stop the controller from processing network traffic working under certain network use conditions.
Intel Ethernet Controller X710 Firmware
Intel Ethernet Controller Xl710 Firmware
Hp Proliant Xl260a G9 Server
Hp Ethernet 10gb 2-port 562sfp+
Hp Ethernet 10gb 4-port 563sfp+
Hp Ethernet 10gb 2-port 562flr-sfp+
Lenovo Converged Hx7500 Appliance 5.05
Lenovo Thinkagile Cx4600 5.05
Lenovo System X3850 X6 5.05
Lenovo Converged Hx Series 5.05
Lenovo System X3950 X6 5.05
Lenovo Thinkagile Cx2200 5.05
Lenovo System X3550 M5 5.05
Lenovo System X3650 M5 5.05
Lenovo Thinkserver Td350 5.05
Lenovo Thinkserver Rd350 5.05
Lenovo Thinkserver Rd450 5.05
Lenovo System X3250 M5 5.05
Lenovo Thinkagile Cx4200 5.05
Lenovo System X3750 M4 5.05
Lenovo Converged Hx5510 Appliance 5.05
Lenovo System X3500 M5 5.05
NA
CVE-2015-3324
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle malicious...
Lenovo Thinkserver System Manager Baseboard Management Controller Firmware 118.71532
7.8
CVSSv3
CVE-2019-19705
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT prior to 6.0.8882.1 and 20KH and 20KG prior to 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.
Lenovo Ideacentre 510-15ikl Firmware
Lenovo Ideacentre 510s-08ikl Firmware
Lenovo Ideacentre 300s-11ish Firmware
Lenovo Ideacentre 310-15asr Firmware
Lenovo Ideacentre 310-15iap Firmware
Lenovo Ideacentre 310a-15iap Firmware
Lenovo Ideacentre 310s-08iap Firmware
Lenovo Ideacentre 510-15abr Firmware
Lenovo Ideacentre 510s-08ish Firmware
Lenovo Ideacentre 610s-02ish Firmware
Lenovo Ideacentre 620s-03ikl Firmware
Lenovo Ideacentre 700 Firmware
Lenovo Ideacentre 720-18asr Firmware
Lenovo Legion Y520t Z370 Firmware
Lenovo Legion Y720 Tower Firmware
Lenovo Legion Y720t Amd Firmware
Lenovo Legion Y920 Tower Firmware
Lenovo Lenovo V320-15iap Firmware
Lenovo Thinkcentre E74s Firmware
Lenovo Yangtian Mc H110 Firmware
Lenovo Yangtian Me/we H110 Firmware
Lenovo Yangtian Tc/wc H110 Pci Firmware
6.7
CVSSv3
CVE-2022-40137
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Lenovo Ideacentre C5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre E96z Firmware M26kt24a
Lenovo Ideacentre 3 07iab7 Firmware M49kt1da
Lenovo Ideacentre 3-07imb05 Firmware M2vkt1fa
Lenovo Ideacentre 5 14iab7 Firmware M42kt40a
Lenovo Ideacentre 5-14acn6 Firmware O5ekt23a
Lenovo Ideacentre 5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre 5-14iob6 Firmware M3gkt38a
Lenovo Ideacentre Aio 3-22ada6 Firmware O5ckt24a
Lenovo Ideacentre Aio 3-22iil5 Firmware O56kt22a
Lenovo Ideacentre Aio 3-22itl6 Firmware O5akt31a
Lenovo Ideacentre Aio 3-24ada6 Firmware O5ckt24a
Lenovo Ideacentre Aio 3-24alc6 Firmware O5bkt24a
Lenovo Ideacentre Aio 3-24iil5 Firmware O56kt22a
Lenovo Ideacentre Aio 3-24itl6 Firmware O5akt31a
Lenovo Ideacentre Aio 3-27alc6 Firmware O5bkt24a
Lenovo Ideacentre Aio 3-27itl6 Firmware O5akt31a
Lenovo Ideacentre G5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre Gaming 5 17acn7 Firmware O5ekt23a
Lenovo Ideacentre Gaming 5 17iab7 Firmware M42kt40a
Lenovo Ideacentre Gaming 5-14acn6 Firmware O5ekt23a
Lenovo Ideacentre Gaming 5-14iob6 Firmware M3gkt38a
4.4
CVSSv3
CVE-2022-40134
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Lenovo Ideacentre C5-14imb05 Firmware O4hkt38a
Lenovo Thinkcentre E96z Firmware M26kt22a
Lenovo Ideacentre 3 07iab7 Firmware M49kt1da
Lenovo Ideacentre 3-07imb05 Firmware M2vkt1da
Lenovo Ideacentre 5 14iab7 Firmware M42kt40a
Lenovo Ideacentre 5-14acn6 Firmware O5ekt21a
Lenovo Ideacentre 5-14imb05 Firmware O4hkt38a
Lenovo Ideacentre 5-14iob6 Firmware M3gkt33a
Lenovo Ideacentre Creator 5-14iob6 Firmware M3gkt33a
Lenovo Ideacentre G5-14imb05 Firmware O4hkt38a
Lenovo Ideacentre Gaming 5 17acn7 Firmware O5ekt21a
Lenovo Ideacentre Gaming 5 17iab7 Firmware M42kt40a
Lenovo Ideacentre Gaming 5-14acn6 Firmware O5ekt21a
Lenovo Ideacentre Gaming 5-14iob6 Firmware M3gkt33a
Lenovo Legion C530-19icb Firmware O4bkt20a
Lenovo Legion T5-26iob6 Firmware O54kt1da
Lenovo Legion T5-28icb05 Firmware O4bkt20a
Lenovo Legion T530-28apr Firmware O4gkt16a
Lenovo Legion T530-28icb Firmware O4bkt20a
Lenovo Legion T7-34imz5 Firmware O4lkt1ea
Lenovo Thinkcentre M60e Tiny Firmware O5fkt14a
Lenovo Thinkcentre M625q Firmware M3skt21a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started