Skip to main content

Thinkpad 11E Yoga Firmware

2 CVEs product

Monthly

CVE-2022-1107 MEDIUM This Month

During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Thinkpad 11E Firmware Thinkpad Helix Firmware Thinkpad L560 Firmware Thinkpad L570 Firmware +26
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-10724 MEDIUM This Month

There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Legion Y520T Z370 Firmware Aio310 20Iap Firmware Aio510 22Ish Firmware Aio510 23Ish Firmware +104
NVD
CVSS 3.0
6.5
EPSS
1.2%
EPSS 0% CVSS 6.7
MEDIUM This Month

During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Thinkpad 11E Firmware Thinkpad Helix Firmware +28
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Legion Y520T Z370 Firmware Aio310 20Iap Firmware +106
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy