CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Lenovo : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-3770 77 Exec Code 2017-09-22 2017-10-03
6.5
None Remote Low Single system Partial Partial Partial
Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system.
2 CVE-2017-3763 255 2017-09-22 2017-10-03
2.1
None Local Low Not required Partial None None
An attacker who obtains access to the location where the LXCA file system is stored may be able to access credentials of local LXCA accounts in LXCA versions earlier than 1.3.2.
3 CVE-2017-3761 77 Exec Code 2017-10-17 2017-11-06
10.0
None Remote Low Not required Complete Complete Complete
The Lenovo Service Framework Android application executes some system commands without proper sanitization of external input. In certain cases, this could lead to command injection which, in turn, could lead to remote code execution.
4 CVE-2017-3760 255 Exec Code 2017-10-17 2017-11-06
5.1
None Remote High Not required Partial Partial Partial
The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
5 CVE-2017-3759 20 Exec Code 2017-10-17 2017-11-08
6.8
None Remote Medium Not required Partial Partial Partial
The Lenovo Service Framework Android application accepts some responses from the server without proper validation. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.
6 CVE-2017-3758 284 Exec Code 2017-10-17 2017-11-08
7.5
None Remote Low Not required Partial Partial Partial
Improper access controls on several Android components in the Lenovo Service Framework application can be exploited to enable remote code execution.
7 CVE-2017-3756 264 Exec Code 2017-08-18 2017-09-07
7.2
None Local Low Not required Complete Complete Complete
A privilege escalation vulnerability was identified in Lenovo Active Protection System for ThinkPad systems versions earlier than 1.82.0.17. An attacker with local privileges could execute code with administrative privileges via an unquoted service path.
8 CVE-2017-3754 254 2017-07-17 2017-08-15
7.2
None Local Low Not required Complete Complete Complete
Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code.
9 CVE-2017-3753 94 Bypass 2017-08-09 2017-08-29
7.2
None Local Low Not required Complete Complete Complete
A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.
10 CVE-2017-3752 20 2017-08-09 2017-08-30
4.3
None Local Network Medium Not required None Partial Partial
An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers, switches, or other devices that support OSPF within a routing domain.
11 CVE-2017-3751 428 Exec Code 2017-08-09 2017-08-24
7.2
None Local Low Not required Complete Complete Complete
An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier than 1.5.5.0. This could allow an attacker with local privileges to execute code with administrative privileges.
12 CVE-2017-3747 264 2017-06-29 2017-07-05
2.1
None Local Low Not required None Partial None
Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileges on a system to alter registry keys.
13 CVE-2017-3746 284 Exec Code 2017-08-28 2017-09-12
7.2
None Local Low Not required Complete Complete Complete
ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, various versions, was found to contain a privilege escalation vulnerability that could allow a local user to execute arbitrary code with administrative or system level privileges.
14 CVE-2017-3745 287 +Priv 2017-06-19 2017-06-30
2.1
None Local Low Not required Partial None None
In Lenovo XClarity Administrator (LXCA) before 1.3.0, if service data is downloaded from LXCA, a non-administrative user may have access to password information for users that have previously authenticated to the LXCA's internal LDAP server, including administrative accounts and service accounts with administrative privileges. This is an issue only for users who have used local authentication with LXCA and not remote authentication against external LDAP or ADFS servers.
15 CVE-2017-3744 77 2017-06-19 2017-07-05
4.0
None Remote Low Single system Partial None None
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
16 CVE-2017-3743 200 +Info 2017-06-19 2017-06-30
3.5
None Remote Medium Single system Partial None None
If multiple users are concurrently logged into a single system where one user is sending a command via the Lenovo ToolsCenter Advanced Settings Utility (ASU), UpdateXpress System Pack Installer (UXSPI) or Dynamic System Analysis (DSA) to a second machine, the other users may be able to see the user ID and clear text password that were used to access the second machine during the time the command is processing.
17 CVE-2017-3742 200 +Info 2017-07-17 2017-07-26
2.3
None Local Network Medium Single system Partial None None
In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to the user's contents could connect to the Connect2 hotspot and see the contents of files while they are being transferred between the two systems.
18 CVE-2017-3741 254 2017-06-04 2017-06-13
2.1
None Local Low Not required None Partial None
In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
19 CVE-2017-3740 264 DoS 2017-06-04 2017-06-13
4.9
None Local Low Not required None None Complete
In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
20 CVE-2016-8237 264 Exec Code 2017-04-10 2017-04-17
9.3
None Remote Medium Not required Complete Complete Complete
Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.
21 CVE-2016-8236 284 2017-03-03 2017-03-09
5.0
None Remote Low Not required None Partial None
Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77.
22 CVE-2016-8235 264 Exec Code 2017-04-10 2017-04-17
7.2
None Local Low Not required Complete Complete Complete
Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.
23 CVE-2016-8233 532 2017-03-01 2017-03-02
5.0
None Remote Low Not required Partial None None
Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.
24 CVE-2016-8231 295 2017-06-04 2017-06-09
5.0
None Remote Low Not required None Partial None
In Lenovo Service Bridge before version 4, a bug found in the signature verification logic of the code signing certificate could be exploited by an attacker to insert a forged code signing certificate.
25 CVE-2016-8230 200 +Info 2017-06-04 2017-06-09
5.0
None Remote Low Not required Partial None None
In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.
26 CVE-2016-8229 352 CSRF 2017-06-04 2017-06-09
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be exploited by an attacker with access to the DHCP server used by the system where LSB is installed.
27 CVE-2016-8228 264 Exec Code 2017-06-04 2017-06-09
7.2
None Local Low Not required Complete Complete Complete
In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.
28 CVE-2016-8227 284 Exec Code 2017-01-26 2017-01-27
7.2
None Local Low Not required Complete Complete Complete
Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges.
29 CVE-2016-8226 19 DoS 2017-01-26 2017-01-31
6.8
None Remote Low Single system None None Complete
The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure.
30 CVE-2016-8225 428 Exec Code 2017-01-26 2017-01-31
4.6
None Local Low Not required Partial Partial Partial
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
31 CVE-2016-8224 310 DoS 2016-11-29 2016-12-06
4.6
None Local Low Single system None None Complete
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.
32 CVE-2016-8223 284 2016-11-29 2016-12-06
7.2
None Local Low Not required Complete Complete Complete
During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.
33 CVE-2016-8222 284 DoS 2016-11-30 2016-12-06
4.7
None Local Medium Not required None None Complete
A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.
34 CVE-2016-8221 264 2017-01-12 2017-01-19
1.9
None Local Medium Not required Partial None None
Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.
35 CVE-2016-8106 20 DoS 2017-01-09 2017-07-26
4.3
None Remote Medium Not required None None Partial
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
36 CVE-2016-6257 310 2016-08-02 2016-08-12
3.3
None Local Network Low Not required None Partial None
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a "KeyJack injection attack."
37 CVE-2016-5729 264 Exec Code 2016-06-30 2016-11-28
6.8
None Local Low Single system Complete Complete Complete
Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors.
38 CVE-2016-5248 264 2016-06-30 2016-07-08
2.1
None Local Low Not required None None Partial
The StopProxy command in LSC.Services.SystemService in Lenovo Solution Center before 3.3.003 allows local users to terminate arbitrary processes via the PID argument.
39 CVE-2016-5247 254 Bypass 2016-09-22 2016-09-23
7.2
None Local Low Not required Complete Complete Complete
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.
40 CVE-2016-4783 79 XSS 2016-05-23 2016-05-25
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
41 CVE-2016-4782 20 2016-05-23 2016-05-25
9.3
None Remote Medium Not required Complete Complete Complete
Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."
42 CVE-2016-3944 20 Exec Code 2016-06-03 2016-06-07
9.3
None Remote Medium Not required Complete Complete Complete
UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com.
43 CVE-2016-2393 264 +Priv 2016-04-11 2016-04-13
7.2
None Local Low Not required Complete Complete Complete
Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified (1) services and (2) files, which allows local users to gain privileges by invalidating local checks.
44 CVE-2016-1876 264 +Priv 2017-05-23 2017-06-07
7.2
None Local Low Not required Complete Complete Complete
The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors.
45 CVE-2016-1492 284 2016-01-26 2016-12-22
2.9
None Local Network Medium Not required Partial None None
The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
46 CVE-2016-1491 255 2016-01-26 2016-12-22
5.4
None Local Network Medium Not required Partial Partial Partial
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
47 CVE-2016-1490 200 +Info 2016-01-26 2016-12-22
2.7
None Local Network Low Single system Partial None None
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list.
48 CVE-2016-1489 254 +Info 2016-01-26 2016-12-22
4.3
None Local Network Medium Not required Partial Partial None
Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.
49 CVE-2015-8110 264 +Priv 2017-04-24 2017-04-28
7.2
None Local Low Not required Complete Complete Complete
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within the Tvsukernel.exe GUI application in the context of a temporary administrator account, aka a "local privilege escalation vulnerability."
50 CVE-2015-8109 255 +Priv 2017-04-24 2017-04-28
6.9
None Local Medium Not required Complete Complete Complete
Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by making a prediction of tvsu_tmp_xxxxxXXXXX account credentials that requires knowledge of the time that this account was created, aka a "temporary administrator account vulnerability."
Total number of vulnerabilities : 74   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.