During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler exists in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo thinkpad_11e_firmware |
||
lenovo thinkpad_helix_firmware |
||
lenovo thinkpad_l560_firmware |
||
lenovo thinkpad_l570_firmware |
||
lenovo thinkpad_p50s_firmware |
||
lenovo thinkpad_p51s_firmware |
||
lenovo thinkpad_p52s_firmware |
||
lenovo thinkpad_s540_firmware |
||
lenovo thinkpad_t550_firmware |
||
lenovo thinkpad_t560_firmware |
||
lenovo thinkpad_t570_firmware |
||
lenovo thinkpad_t580_firmware |
||
lenovo thinkpad_x1_tablet_gen_1_firmware |
||
lenovo thinkpad_x1_tablet_gen_2_firmware |
||
lenovo thinkpad_w540_firmware |
||
lenovo thinkpad_w541_firmware |
||
lenovo thinkpad_w550s_firmware |
||
lenovo thinkpad_x1_carbon_3rd_gen_firmware |
||
lenovo thinkpad_x1_carbon_4th_gen_firmware |
||
lenovo thinkpad_x1_carbon_5th_gen_kabylake_firmware |
||
lenovo thinkpad_x1_carbon_5th_gen_skylake_firmware |
||
lenovo thinkpad_x1_yoga_firmware |
||
lenovo thinkpad_x1_yoga_gen_2_firmware |
||
lenovo thinkpad_x1_yoga_gen_3_firmware |
||
lenovo thinkpad_x250_firmware |
||
lenovo thinkpad_x280_firmware |
||
lenovo thinkpad_x390_firmware |
||
lenovo thinkpad_11e_yoga_firmware |
||
lenovo thinkpad_yoga_15_firmware |
||
lenovo thinkpad_yoga_260_firmware |