A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
lenovo flex_system_x240_m4_firmware |
||
lenovo flex_system_x440_m4_firmware |
||
lenovo system_x3750_m4_firmware |
||
ibm bladecenter_hs23_firmware |
||
ibm bladecenter_hs23e_firmware |
||
ibm flex_system_x220_m4_firmware |
||
ibm flex_system_x222_m4_firmware |
||
ibm flex_system_x240_m4_firmware |
||
ibm flex_system_x280_x6_firmware |
||
ibm flex_system_x440_m4_firmware |
||
ibm flex_system_x480_x6_firmware |
||
ibm flex_system_x880_x6_firmware |
||
ibm idataplex_dx360_m4_firmware |
||
ibm idataplex_dx360_m4_water_cooled_firmware |
||
ibm system_x3100_m4_firmware |
||
ibm system_x3100_m5_firmware |
||
ibm system_x3250_m4_firmware |
||
ibm system_x3250_m5_firmware |
||
ibm system_x3300_m4_firmware |
||
ibm system_x3500_m4_firmware |
||
ibm system_x3530_m4_firmware |
||
ibm system_x3550_m4_firmware |
||
ibm system_x3630_m4_firmware |
||
ibm system_x3650_m4_firmware |
||
ibm system_x3650_m4_bd_firmware |
||
ibm system_x3650_m4_hd_firmware |
||
ibm system_x3750_m4_firmware |
||
ibm system_x3850_x6_firmware |
||
ibm system_x3950_x6_firmware |
Vulmon