Skip to main content

Thinkpad P15S Gen 2 Firmware

4 CVEs product

Monthly

CVE-2023-4030 HIGH This Week

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Thinkpad T15 Gen 2 Firmware Thinkpad P14S Gen 2 Firmware Thinkpad P15S Gen 2 Firmware Thinkpad T14 Gen 2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-2290 MEDIUM This Month

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Thinkpad E14 Firmware Thinkpad E14 Gen 2 Firmware +83
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-3786 MEDIUM PATCH This Month

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Lenovo Information Disclosure Thinkpad X380 Yoga Firmware Thinkpad X1 Fold Gen 1 Firmware Thinkpad Yoga 260 Firmware +130
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-3599 MEDIUM PATCH This Month

A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

RCE Thinkpad X380 Yoga Firmware Thinkpad X1 Fold Gen 1 Firmware Thinkpad Yoga 260 Firmware Thinkpad Yoga 11E 3Rd Gen Firmware +129
NVD
CVSS 3.1
6.7
EPSS
0.3%
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Thinkpad T15 Gen 2 Firmware Thinkpad P14S Gen 2 Firmware +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +85
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Lenovo Information Disclosure Thinkpad X380 Yoga Firmware +132
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

RCE Thinkpad X380 Yoga Firmware Thinkpad X1 Fold Gen 1 Firmware +131
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy