Skip to main content

Thinkstation P720 Firmware

5 CVEs product

Monthly

CVE-2021-3519 MEDIUM This Month

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Authentication Bypass Ideacentre C5 14Mb05 Firmware Ideacentre 3 07Imb05 Firmware Ideacentre 5 14Imb05 Firmware +56
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2020-8321 MEDIUM This Month

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Lenovo 130 14Ast Firmware 130 14Ikb Firmware 130 15Ast Firmware +169
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-0130 HIGH PATCH This Week

Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Denial Of Service Intel Rapid Storage Technology Enterprise Thinkstation P520 Firmware +3
NVD
CVSS 3.1
7.4
EPSS
1.9%
CVE-2019-6156 LOW PATCH Monitor

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Lenovo Information Disclosure 510 15Ikl Firmware 510S 08Ikl Firmware Ideacentre 300 20Ish Firmware +174
NVD
CVSS 3.0
3.3
EPSS
0.2%
CVE-2019-0135 HIGH This Week

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Rapid Storage Technology Enterprise Thinkstation P520 Firmware Thinkstation P520C Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Authentication Bypass Ideacentre C5 14Mb05 Firmware +58
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Lenovo 130 14Ast Firmware +171
NVD
EPSS 2% CVSS 7.4
HIGH PATCH This Week

Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Denial Of Service Intel +5
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Lenovo Information Disclosure 510 15Ikl Firmware +176
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Rapid Storage Technology Enterprise +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy