Lenovo: >> Thinkserver Rd450 Firmware Security Vulnerabilities
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-01-30
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-01-30
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-04-23
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwords via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.001
Published
2015-04-16