Lucene search
LenovoCVELIST:CVE-2019-6170HistoryNov 12, 2019 - 8:40 p.m.
CVE-2019-6170
2019-11-1220:40:53
lenovo
www.cve.org
5
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
12.6%
A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution.
CNA Affected
[
{
"product": "ThinkPad",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "Various",
"status": "affected",
"version": "Various",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2019-6170
2019-11-12 21:15:12
nvd
nvd
CVE-2019-6170
2019-11-12 21:15:12
prion
prion
Code injection
2019-11-12 21:15:00
symantec
symantec
Lenovo ThinkPad CVE-2019-6170 Remote Code Execution Vulnerability
2019-11-12 00:00:00
lenovo
lenovo
Multi-vendor BIOS Security Vulnerabilities - Lenovo Support US
2019-11-05 06:56:29
Multi-vendor BIOS Security Vulnerabilities - Lenovo Support US
2019-11-05 06:56:29
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0
Percentile
12.6%
Related for CVELIST:CVE-2019-6170