Lenovo: >> Thinkpad P51s Firmware >> 6.0.1.8642 Security Vulnerabilities
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL preloading.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-26
During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-04-22
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.
CVSS Score
4.4
EPSS Score
0.001
Published
2021-11-12
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-11-12
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
CVSS Score
6.4
EPSS Score
0.0
Published
2020-06-09
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.
CVSS Score
6.4
EPSS Score
0.001
Published
2020-06-09
In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.
CVSS Score
6.8
EPSS Score
0.001
Published
2018-07-19