Lucene search
HistoryApr 10, 2019 - 5:29 p.m.
CVE-2019-6156
lenovo
systems
smm
bios
write protection
spi
protected range registers
prx
vulnerability
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.8 Low
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in various versions of BIOS for Lenovo systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.
Affected configurations
Node
lenovo510-15ikl_firmwareMatch-
lenovo510-15iklMatch-
Node
lenovo510s-08ikl_firmwareMatch-
lenovo510s-08iklMatch-
Node
lenovoideacentre_300-20ish_firmwareMatch-
lenovoideacentre_300-20ishMatch-
Node
lenovoideacentre_300s-11ish_firmwareMatch-
lenovoideacentre_300s-11ishMatch-
Node
lenovoideacentre_510-15icb_firmwareRange<o3qkt32a
lenovoideacentre_510-15icbMatch-
Node
lenovoideacentre_510a-15icb_firmwareRange<o3qkt32a
lenovoideacentre_510a-15icbMatch-
Node
lenovoideacentre_510s-08ish_firmwareMatch-
lenovoideacentre_510s-08ishMatch-
Node
lenovoideacentre_620s-03ikl_firmwareMatch-
lenovoideacentre_620s-03iklMatch-
Node
lenovoideacentre_700_firmwareRange<fwkt9aa
lenovoideacentre_700Match-
Node
lenovoideacentre_720-18icb_firmwareRange<o3qkt32a
lenovoideacentre_720-18icbMatch-
Node
lenovolegion_c530-19icb_firmwareRange<o3lkt20a
lenovolegion_c530-19icbMatch-
Node
lenovolegion_c730-19ico_firmwareRange<o3nkt20a
lenovolegion_c730-19icoMatch-
Node
lenovolegion_t530-28icb_firmwareRange<o3lkt20a
lenovolegion_t530-28icbMatch-
Node
lenovolegion_t730-28ico_firmwareRange<o3nkt20a
lenovolegion_t730-28icoMatch-
Node
lenovolegion_y520t_z370_firmwareMatch-
lenovolegion_y520t_z370Match-
Node
lenovolegion_y720_tower_firmwareMatch-
lenovolegion_y720_towerMatch-
Node
lenovolegion_y920_tower_firmwareMatch-
lenovolegion_y920_towerMatch-
Node
lenovolenovo_63_firmwareMatch-
lenovolenovo_63Match-
Node
lenovoh50-30g_desktop_firmwareMatch-
lenovoh50-30g_desktopMatch-
Node
lenovom4500_firmwareMatch-
lenovom4500Match-
Node
lenovom4500_id_firmwareMatch-
lenovom4500_idMatch-
Node
lenovom4550_id_firmwareMatch-
lenovom4550_idMatch-
Node
lenovo530s-07icb_firmwareMatch-
lenovo530s-07icbMatch-
Node
lenovoqitian_4500_firmwareMatch-
lenovoqitian_4500Match-
Node
lenovoqitian_b4550_firmwareMatch-
lenovoqitian_b4550Match-
Node
lenovoqitian_b4650_firmwareMatch-
lenovoqitian_b4650Match-
Node
lenovoqitian_m4550_firmwareMatch-
lenovoqitian_m4550Match-
Node
lenovoqitian_m4600_firmwareMatch-
lenovoqitian_m4600Match-
Node
lenovoqitian_m4650_firmwareMatch-
lenovoqitian_m4650Match-
Node
lenovoqt_m410_firmwareMatch-
lenovoqt_m410Match-
Node
lenovoqt_b415_firmwareMatch-
lenovoqt_b415Match-
Node
lenovoqt_m415_firmwareMatch-
lenovoqt_m415Match-
Node
lenovothinkcentre_e73_\(sff\)_firmwareMatch-
lenovothinkcentre_e73_\(sff\)Match-
Node
lenovothinkcentre_e73_\(twr\)_firmwareMatch-
lenovothinkcentre_e73_\(twr\)Match-
Node
lenovothinkcentre_e73s_firmwareMatch-
lenovothinkcentre_e73sMatch-
Node
lenovothinkcentre_e74_firmwareMatch-
lenovothinkcentre_e74Match-
Node
lenovothinkcentre_e74s_firmwareMatch-
lenovothinkcentre_e74sMatch-
Node
lenovothinkcentre_e75t_firmwareMatch-
lenovothinkcentre_e75tMatch-
Node
lenovothinkcentre_e75s_firmwareMatch-
lenovothinkcentre_e75sMatch-
Node
lenovothinkcentre_e93_\(sff\)_firmwareRange<fbktd5a
lenovothinkcentre_e93_\(sff\)Match-
Node
lenovothinkcentre_e93_\(twr\)_firmwareRange<fbktd5a
lenovothinkcentre_e93_\(twr\)Match-
Node
lenovothinkcentre_m4500k_firmwareMatch-
lenovothinkcentre_m4500kMatch-
Node
lenovothinkcentre_m4500q_firmwareMatch-
lenovothinkcentre_m4500qMatch-
Node
lenovothinkcentre_m4500t_firmwareMatch-
lenovothinkcentre_m4500tMatch-
Node
lenovothinkcentre_m4500s_firmwareMatch-
lenovothinkcentre_m4500sMatch-
Node
lenovothinkcentre_m4600t_firmwareMatch-
lenovothinkcentre_m4600tMatch-
Node
lenovothinkcentre_m4600s_firmwareMatch-
lenovothinkcentre_m4600sMatch-
Node
lenovothinkcentre_m610_firmwareRange<m1akt3fa
lenovothinkcentre_m610Match-
Node
lenovothinkcentre_m6500t_firmwareRange<fbktd5a
lenovothinkcentre_m6500tMatch-
Node
lenovothinkcentre_m6500s_firmwareRange<fbktd5a
lenovothinkcentre_m6500sMatch-
Node
lenovothinkcentre_m6600_firmwareRange<fwkt9aa
lenovothinkcentre_m6600Match-
Node
lenovothinkcentre_m6600q_firmwareRange<fwkt9aa
lenovothinkcentre_m6600qMatch-
Node
lenovothinkcentre_m6600t_firmwareRange<fwkt9aa
lenovothinkcentre_m6600tMatch-
Node
lenovothinkcentre_m6600s_firmwareRange<fwkt9aa
lenovothinkcentre_m6600sMatch-
Node
lenovothinkcentre_m700q_firmwareRange<fwkt9aa
lenovothinkcentre_m700qMatch-
Node
lenovothinkcentre_m700t_firmwareMatch-
lenovothinkcentre_m700tMatch-
Node
lenovothinkcentre_m700s_firmwareMatch-
lenovothinkcentre_m700sMatch-
Node
lenovothinkcentre_m710e_firmwareMatch-
lenovothinkcentre_m710eMatch-
Node
lenovothinkcentre_m710q_firmwareRange<m1akt3fa
lenovothinkcentre_m710qMatch-
Node
lenovothinkcentre_m710t_firmwareMatch-
lenovothinkcentre_m710tMatch-
Node
lenovothinkcentre_m710s_firmwareMatch-
lenovothinkcentre_m710sMatch-
Node
lenovothinkcentre_m720q_firmwareRange<m1ukt33a
lenovothinkcentre_m720qMatch-
Node
lenovothinkcentre_m720t_firmwareRange≤m1ukt33a
lenovothinkcentre_m720tMatch-
Node
lenovothinkcentre_m720s_firmwareRange<m1ukt33a
lenovothinkcentre_m720sMatch-
Node
lenovothinkcentre_m73_\(sff\)_firmwareMatch-
lenovothinkcentre_m73_\(sff\)Match-
Node
lenovothinkcentre_m73_\(twr\)_firmwareMatch-
lenovothinkcentre_m73_\(twr\)Match-
Node
lenovothinkcentre_m73_tiny_firmwareMatch-
lenovothinkcentre_m73_tinyMatch-
Node
lenovothinkcentre_m73p_firmwareRange<fbktd5a
lenovothinkcentre_m73pMatch-
Node
lenovothinkcentre_m800_firmwareRange<fwkt9aa
lenovothinkcentre_m800Match-
Node
lenovothinkcentre_m83_\(sff\)_firmwareRange<fbktd5a
lenovothinkcentre_m83_\(sff\)Match-
Node
lenovothinkcentre_m83_\(tiny\)_firmwareRange<fbktd5a
lenovothinkcentre_m83_\(tiny\)Match-
Node
lenovothinkcentre_m83_\(twr\)_firmwareRange<fbktd5a
lenovothinkcentre_m83_\(twr\)Match-
Node
lenovothinkcentre_m8500t_firmwareRange<fbktd5a
lenovothinkcentre_m8500tMatch-
Node
lenovothinkcentre_m8500s_firmwareRange<fbktd5a
lenovothinkcentre_m8500sMatch-
Node
lenovothinkcentre_m8600t_firmwareRange<fwkt9aa
lenovothinkcentre_m8600tMatch-
Node
lenovothinkcentre_m8600s_firmwareRange<fwkt9aa
lenovothinkcentre_m8600sMatch-
Node
lenovothinkcentre_m900_firmwareRange<fwkt9aa
lenovothinkcentre_m900Match-
Node
lenovothinkcentre_m910t_firmwareRange<m1akt3fa
lenovothinkcentre_m910tMatch-
Node
lenovothinkcentre_m910s_firmwareRange<m1akt3fa
lenovothinkcentre_m910sMatch-
Node
lenovothinkcentre_m910q_firmwareRange<m1akt3fa
lenovothinkcentre_m910qMatch-
Node
lenovothinkcentre_m910x_firmwareRange<m1akt3fa
lenovothinkcentre_m910xMatch-
Node
lenovothinkcentre_m920q_firmwareRange<m1ukt33a
lenovothinkcentre_m920qMatch-
Node
lenovothinkcentre_m920x_firmwareRange<m1ukt33a
lenovothinkcentre_m920xMatch-
Node
lenovothinkcentre_m920t_firmwareRange<m1ukt33a
lenovothinkcentre_m920tMatch-
Node
lenovothinkcentre_m920s_firmwareRange<m1ukt33a
lenovothinkcentre_m920sMatch-
Node
lenovothinkcentre_m93_firmwareRange<fbktd5a
lenovothinkcentre_m93Match-
Node
lenovothinkcentre_m93p_\(sff\)_firmwareRange<fbktd5a
lenovothinkcentre_m93p_\(sff\)Match-
Node
lenovothinkcentre_m93p_\(twr\)_firmwareRange<fbktd5a
lenovothinkcentre_m93p_\(twr\)Match-
Node
lenovothinkcentre_m93p_tiny_firmwareRange<fbktd5a
lenovothinkcentre_m93p_tinyMatch-
Node
lenovothinkcentre_s510_firmwareMatch-
lenovothinkcentre_s510Match-
Node
lenovov520s-08ikl_firmwareMatch-
lenovov520s-08iklMatch-
Node
lenovov520t-15ikl_firmwareMatch-
lenovov520t-15iklMatch-
Node
lenovoyangtian_afh110_firmwareMatch-
lenovoyangtian_afh110Match-
Node
lenovoyangtian_afh81_firmwareMatch-
lenovoyangtian_afh81Match-
Node
lenovoyangtian_afq150_firmwareRange<fwkt9aa
lenovoyangtian_afq150Match-
Node
lenovoyangtian_mc_h110_firmwareMatch-
lenovoyangtian_mc_h110Match-
Node
lenovoyangtian_mc_h110_pci_firmwareMatch-
lenovoyangtian_mc_h110_pciMatch-
Node
lenovoyangtian_mc_h81_firmwareMatch-
lenovoyangtian_mc_h81Match-
Node
lenovoyangtian_me\/we_h110_firmwareMatch-
lenovoyangtian_me\/we_h110Match-
Node
lenovoyangtian_mf\/wf_h110_pci_firmwareMatch-
lenovoyangtian_mf\/wf_h110_pciMatch-
Node
lenovoyangtian_mf\/wf_h81_pci_firmwareMatch-
lenovoyangtian_mf\/wf_h81_pciMatch-
Node
lenovoyangtian_ms\/ws_h81_firmwareMatch-
lenovoyangtian_ms\/ws_h81Match-
Node
lenovoyangtian_tc\/wc_h110_pci_firmwareMatch-
lenovoyangtian_tc\/wc_h110_pciMatch-
Node
lenovoyangtian_tc\/wcc_h81_pci_firmwareMatch-
lenovoyangtian_tc\/wcc_h81_pciMatch-
Node
lenovoyangtian_ytm6900e-00_firmwareMatch-
lenovoyangtian_ytm6900e-00Match-
Node
lenovoyta8900f_firmwareRange<fwkt9aa
lenovoyta8900fMatch-
Node
lenovoaio_910-27ish_firmwareRange<o37kt13a
lenovoaio_910-27ishMatch-
Node
lenovoaio_y910-27ish_firmwareMatch-
lenovoaio_y910-27ishMatch-
Node
lenovoaio300-23isu\(c5130\)_firmwareRange<o1lkt46a
lenovoaio300-23isu\(c5130\)Match-
Node
lenovoaio520-22ikl_firmwareMatch-
lenovoaio520-22iklMatch-
Node
lenovoaio520-22iku_firmwareMatch-
lenovoaio520-22ikuMatch-
Node
lenovoaio520-24ikl_firmwareMatch-
lenovoaio520-24iklMatch-
Node
lenovoaio520-24iku_firmwareMatch-
lenovoaio520-24ikuMatch-
Node
lenovoaio520-27ikl_firmwareMatch-
lenovoaio520-27iklMatch-
Node
lenovoideacentre_520s-23iku_firmwareRange<o34kt23a
lenovoideacentre_520s-23ikuMatch-
Node
lenovoideacentre_730s-24ikb_firmwareRange<o3wkt15a
lenovoideacentre_730s-24ikbMatch-
Node
lenovoqt_a7400_firmwareMatch-
lenovoqt_a7400Match-
Node
lenovothinkcenter_m700z_firmwareMatch-
lenovothinkcenter_m700zMatch-
Node
lenovothinkcenter_m800z_firmwareMatch-
lenovothinkcenter_m800zMatch-
Node
lenovothinkcentre_e74z_firmwareMatch-
lenovothinkcentre_e74zMatch-
Node
lenovothinkcentre_e95z_firmwareRange<m1lkt20a
lenovothinkcentre_e95zMatch-
Node
lenovothinkcentre_e96z_firmwareRange<m26kt11a
lenovothinkcentre_e96zMatch-
Node
lenovothinkcentre_m700z_firmwareMatch-
lenovothinkcentre_m700zMatch-
Node
lenovothinkcentre_m7300z_firmwareMatch-
lenovothinkcentre_m7300zMatch-
Node
lenovothinkcentre_m800z_firmwareMatch-
lenovothinkcentre_m800zMatch-
Node
lenovothinkcentre_m810z_firmwareMatch-
lenovothinkcentre_m810zMatch-
Node
lenovothinkcentre_m818z_firmwareMatch-
lenovothinkcentre_m818zMatch-
Node
lenovothinkcentre_m820z_firmwareMatch-
lenovothinkcentre_m820zMatch-
Node
lenovothinkcentre_m8300z_firmwareMatch-
lenovothinkcentre_m8300zMatch-
Node
lenovothinkcentre_m8350z_firmwareMatch-
lenovothinkcentre_m8350zMatch-
Node
lenovothinkcentre_m83z_\(aio\)_firmwareMatch-
lenovothinkcentre_m83z_\(aio\)Match-
Node
lenovothinkcentre_m900z_firmwareMatch-
lenovothinkcentre_m900zMatch-
Node
lenovothinkcentre_m910z_firmwareMatch-
lenovothinkcentre_m910zMatch-
Node
lenovothinkcentre_m920z_firmwareMatch-
lenovothinkcentre_m920zMatch-
Node
lenovothinkcentre_m9500z_firmwareMatch-
lenovothinkcentre_m9500zMatch-
Node
lenovothinkcentre_m9550z_firmwareMatch-
lenovothinkcentre_m9550zMatch-
Node
lenovothinkcentre_x1_aio_firmwareMatch-
lenovothinkcentre_x1_aioMatch-
Node
lenovov310z\(yt_s3150\)_firmwareRange<m18kt25a
lenovov310z\(yt_s3150\)Match-
Node
lenovov410z\(yt_s4250\)_firmwareRange<m17kt41a
lenovov410z\(yt_s4250\)Match-
Node
lenovov510z_\(yt_s5250\)_firmwareRange<m1dkt26a
lenovov510z_\(yt_s5250\)Match-
Node
lenovov530-22icb\(yt_s4350\)_firmwareRange<m20kt38a
lenovov530-22icb\(yt_s4350\)Match-
Node
lenovov530-24icb\(yt_s5350\)_firmwareRange<m20kt38a
lenovov530-24icb\(yt_s5350\)Match-
Node
lenovo330-14igm_firmwareRange<7xcn30ww
lenovo330-14igmMatch-
Node
lenovo330-15igm_firmwareRange<7xcn30ww
lenovo330-15igmMatch-
Node
lenovothinkpad_e480_firmwareRange<r0pet54w
lenovothinkpad_e480Match-
Node
lenovothinkpad_e580_firmwareRange<r0pet54w
lenovothinkpad_e580Match-
Node
lenovothinkpad_e570p_firmwareRange<r0met46w
lenovothinkpad_e570pMatch-
Node
lenovothinkpad_s5_firmwareRange<r0met46w
lenovothinkpad_s5Match-
Node
lenovothinkpad_l480_firmwareRange<r0qet54w
lenovothinkpad_l480Match-
Node
lenovothinkpad_l580_firmwareRange<r0qet54w
lenovothinkpad_l580Match-
Node
lenovothinkpad_s5_firmwareRange<r09et70w
lenovothinkpad_s5Match-
Node
lenovothinkpad_e560p_firmwareRange<r09et70w
lenovothinkpad_e560pMatch-
Node
lenovothinkpad_t460_firmwareRange<r06et66w
lenovothinkpad_t460Match-
Node
lenovothinkpad_t460p_firmwareRange<r07et88w
lenovothinkpad_t460pMatch-
Node
lenovothinkpad_x260_firmwareRange<r02et70w
lenovothinkpad_x260Match-
Node
lenovothinkpad_x380_yoga_firmwareRange<r0set42w
lenovothinkpad_x380_yogaMatch-
Node
lenovothinkstation_c30_refresh_firmwareMatch-
lenovothinkstation_c30_refreshMatch-
Node
lenovothinkstation_d30_refresh_firmwareMatch-
lenovothinkstation_d30_refreshMatch-
Node
lenovothinkstation_e32_firmwareRange<fbktd5a
lenovothinkstation_e32Match-
Node
lenovothinkstation_p300_firmwareRange<fbktd5a
lenovothinkstation_p300Match-
Node
lenovothinkstation_p310_firmwareMatch-
lenovothinkstation_p310Match-
Node
lenovothinkstation_p318_firmwareRange<m1akt3fa
lenovothinkstation_p318Match-
Node
lenovothinkstation_p320_firmwareRange<s06kt40a
lenovothinkstation_p320Match-
Node
lenovothinkstation_p320_tiny_firmwareRange<m1akt3fa
lenovothinkstation_p320_tinyMatch-
Node
lenovothinkstation_p330_firmwareRange<m1vkt34a
lenovothinkstation_p330Match-
Node
lenovothinkstation_p330_tiny_firmwareRange<m1ukt33a
lenovothinkstation_p330_tinyMatch-
Node
lenovothinkstation_p410_firmwareMatch-
lenovothinkstation_p410Match-
Node
lenovothinkstation_p500_firmwareMatch-
lenovothinkstation_p500Match-
Node
lenovothinkstation_p510Match-
lenovothinkstation_p510_firmwareMatch-
Node
lenovothinkstation_p520Match-
lenovothinkstation_p520_firmwareMatch-
Node
lenovothinkstation_p520cMatch-
lenovothinkstation_p520c_firmwareMatch-
Node
lenovothinkstation_p700Match-
lenovothinkstation_p700_firmwareMatch-
Node
lenovothinkstation_p710_firmwareMatch-
lenovothinkstation_p710Match-
Node
lenovothinkstation_p720_firmwareMatch-
lenovothinkstation_p720Match-
Node
lenovothinkstation_p900Match-
lenovothinkstation_p900_firmwareMatch-
Node
lenovothinkstation_p910Match-
lenovothinkstation_p910_firmwareMatch-
Node
lenovothinkstation_p920Match-
lenovothinkstation_p920_firmwareMatch-
Node
lenovothinkstation_s30_refreshMatch-
lenovothinkstation_s30_refresh_firmwareMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| lenovo:510-15ikl_firmware | lenovo 510-15ikl firmware | eq | - |
CNA Affected
[
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]References
Related
lenovo
lenovo
SPI Protected Range Registers Affected by S3 Sleep Mode - US
2019-04-01 21:13:48
SPI Protected Range Registers Affected by S3 Sleep Mode - Lenovo Support US
2019-04-01 21:13:48
nvd
nvd
CVE-2019-6156
2019-04-10 17:29:00
prion
prion
Code injection
2019-04-10 17:29:00
cvelist
cvelist
CVE-2019-6156
2019-04-04 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.8 Low
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2019-6156