Flex System X240 M4 Firmware
CVE-2018-9085
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
AnalysisAI
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Incorrect Default Permissions (CWE-276), which allows attackers to access resources due to overly permissive default settings. A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors. Affected products include: Lenovo Flex System X240 M4 Firmware, Lenovo Flex System X440 M4 Firmware, Lenovo System X3750 M4 Firmware, Ibm Bladecenter Hs23 Firmware, Ibm Bladecenter Hs23E Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Set restrictive default permissions, follow principle of least privilege, review defaults during deployment.
More in Flex System X240 M4 Firmware
View allIn various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware
Same weakness CWE-276 – Incorrect Default Permissions
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today