Lenovo Ideacentre_300-20ish_firmware
5 CVEs affecting Lenovo Ideacentre_300-20ish_firmware. Latest disclosed: 2019-11-12. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-6188 | Critical | 9.8 | 2019-11-12 | The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which ma… |
CVE-2017-3753 | Medium | 6.8 | 2017-08-10 | A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, co… |
CVE-2019-6172 | Medium | 6.4 | 2019-11-12 | A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad mod… |
CVE-2019-6170 | Medium | 6.4 | 2019-11-12 | A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad mod… |
CVE-2019-6156 | Low | 3.3 | 2019-04-10 | In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protecti… |