Vulnerability CVE-2018-9069


Published: 2018-10-02

Description:
In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS.

Type:

CWE-362

Vendor: HP
Product: 320-15ikbrn firmware 
Product: Lenovo ideapad y520-15ikbn firmware 
Product: Yoga 720-13ikbr firmware 
Product: 320-17ikbrn 
Product: Lenovo ideapad 320s-15ikbr firmware 
Product: Y720-15ikb firmware 
Product: Lenovo ideapad 320-14ikb(i+a) firmware 
Product: V510-15ikb firmware 
Product: E52-80 firmware 
Product: V310-15ikb firmware 
Product: 720s-13ikb firmware 
Product: R720-15ikbn firmware 
Product: 7000-15 u42 firmware 
Product: Lenovo yoga 520-14ikb firmware 
Product: 320s-15ikb firmware 
Product: Lenovo tianyi 310-15ikb firmware 
Product: Zhaoyang k42-80 firmware 
Product: Miix 720-12ikb 
Product: Lenovo ideapad 720s-14ikb firmware 
Product: Yoga 510-14isk firmware 
Product: Lenovo ideapad 320-15abr firmware 
Product: Xx chao5000-ikbra firmware 
Product: Flex 5-1470 firmware 
Product: V330-14ikb firmware 
Product: B320-14ikb firmware 
Product: Rescuer y520-15ikbm firmware 
Product: 710s plus-13ikb 16g firmware 
Product: Nano110-14ikb firmware 
Product: 510s-14isk firmware 
Product: Lenovo y520-15ikba firmware 
Product: 320-15ikbra firmware 
Product: Lenovo ideapad flex 5-1570 firmware 
Product: Yoga 720-13ikb firmware 
Product: Lenovo ideapad 320s-14ikbr firmware 
Product: Y520-15ikbn firmware 
Product: Ideapad 2in1 14 firmware 
Product: V510-14ikb firmware 
Product: E43-80 kbl firmware 
Product: V310-14isk firmware 
Product: 710s plus touch-13ikb firmware 
Product: R720-15ikba firmware 
Product: 520s-14ikb firmware 
Product: Lenovo y720-15ikb firmware 
Product: 320-15ikbrn touch firmware 
Product: Lenovo tianyi 310-14ikb firmware 
Product: Yoga 720-15ikb firmware 
Product: 320s-14ikb 
Product: Lenovo ideapad 520s-14ikbr firmware 
Product: Yoga 310-11iap firmware 
Product: Lenovo ideapad 320-14ikb(i+n) firmware 
Product: Xiaoxinair13ikbpro firmware 
Product: Flex 4-1470 firmware 
Product: V310-15isk firmware 
Product: 720s-14ikbr firmware 
Product: Rescuer r720-15ikbm firmware 
Product: 7000 u42 firmware 
Product: Lenovo yoga 520-15ikb firmware 
Product: 320s-15isk firmware 
Product: Lenovo v720-14 firmware 
Product: 310s-14isk firmware 
Product: Lenovo ideapad flex 5-1470 firmware 
Product: Yoga 520-14ikb firmware 
Product: Lenovo ideapad 320-15ikb(i+n) firmware 
Product: Y520-15ikba firmware 
Product: Flex 5-1570 firmware 
Product: V330-14isk firmware 
Product: E42-80 firmware 
Product: V310-14ikb firmware 
Product: 710s plus-3ikb firmware 
Product: Nano110-15ikb firmware 
Product: 520-15ikbrn firmware 
Product: Lenovo y520-15ikbm firmware 

CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7/10
7.8/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Complete

 References:
https://support.lenovo.com/us/en/solutions/LEN-20184

Related CVE
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types ...
CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10...
CVE-2018-7116
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7115
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7114
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7112
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installe...
CVE-2018-7111
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is th...
CVE-2018-7076
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.

Copyright 2019, cxsecurity.com

 

Back to Top