Lucene search

[email protected]NVD:CVE-2018-16098

HistoryJan 24, 2019 - 10:29 p.m.

CVE-2018-16098

2019-01-2422:29:00

CWE-428

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user.

Affected configurations

Nvd

Node

lenovosynaptics_thinkpad_ultranav_driverMatch18.0.7.119

AND

microsoftwindows_7Match-

microsoftwindows_8.1Match-pro_n

Node

lenovosynaptics_thinkpad_ultranav_driverMatch19.5.19.33

AND

microsoftwindows_10Match-

Node

lenovosynaptics_thinkpad_ultranav_driverMatch19.0.17.140

AND

microsoftwindows_7Match-

microsoftwindows_8.1Match-

Node

lenovosynaptics_thinkpad_ultranav_driverMatch19.3.4.219

AND

microsoftwindows_10Match-

microsoftwindows_7Match-

microsoftwindows_8.1Match-

Node

lenovosynaptics_thinkpad_ultranav_driverMatch16.2.19.23

AND

microsoftwindows_7Match-

microsoftwindows_8.1Match-

Node

lenovosynaptics_thinkpad_ultranav_driverMatch18.1.27.42

AND

microsoftwindows_7Match-

microsoftwindows_8.1Match-

Node

lenovothinkpad_helix_firmwareMatch-

AND

lenovothinkpad_helixMatch-

Node

lenovothiankpad_l430_firmwareMatch-

AND

lenovothiankpad_l430Match-

Node

lenovothiankpad_l530_firmwareMatch-

AND

lenovothiankpad_l530Match-

Node

lenovothiankpad_p1_firmwareMatch-

AND

lenovothiankpad_p1Match-

Node

lenovothiankpad_x1_extreme_firmwareMatch-

AND

lenovothiankpad_x1_extremeMatch-

Node

lenovothiankpad_p50s_firmwareMatch-

AND

lenovothiankpad_p50sMatch-

Node

lenovothiankpad_p51_firmwareMatch-

AND

lenovothiankpad_p51Match-

Node

lenovothiankpad_p51s_firmwareMatch-

AND

lenovothiankpad_p51sMatch-

Node

lenovothiankpad_p52s_firmwareMatch-

AND

lenovothiankpad_p52sMatch-

Node

lenovothiankpad_p70_firmwareMatch-

AND

lenovothiankpad_p70Match-

Node

lenovothiankpad_s1_yoga_firmwareMatch-

AND

lenovothiankpad_s1_yogaMatch-

Node

lenovothiankpad_s430_firmwareMatch-

AND

lenovothiankpad_s430Match-

Node

lenovothiankpad_t420_firmwareMatch-

AND

lenovothiankpad_t420Match-

Node

lenovothiankpad_t420i_firmwareMatch-

AND

lenovothiankpad_t420iMatch-

Node

lenovothinkpad_t420s_firmwareMatch-

AND

lenovothinkpad_t420sMatch-

Node

lenovothinkpad_t420si_firmwareMatch-

AND

lenovothinkpad_t420siMatch-

Node

lenovothinkpad_t430s_firmwareMatch-

AND

lenovothinkpad_t430sMatch-

Node

lenovothinkpad_t430i_firmwareMatch-

AND

lenovothinkpad_t430iMatch-

Node

lenovothinkpad_t430s_firmwareMatch-

AND

lenovothinkpad_t430sMatch-

Node

lenovothinkpad_t431s_firmwareMatch-

AND

lenovothinkpad_t431sMatch-

Node

lenovothinkpad_t440_firmwareMatch-

AND

lenovothinkpad_t440Match-

Node

lenovothinkpad_t440s_firmwareMatch-

AND

lenovothinkpad_t440sMatch-

Node

lenovothinkpad_t440p_firmwareMatch-

AND

lenovothinkpad_t440pMatch-

Node

lenovothinkpad_t460s_firmwareMatch-

AND

lenovothinkpad_t460sMatch-

Node

lenovothinkpad_t470_firmwareMatch-

AND

lenovothinkpad_t470Match-

Node

lenovothinkpad_t470s_firmwareMatch-

AND

lenovothinkpad_t470sMatch-

Node

lenovothinkpad_t430s_firmwareMatch-

AND

lenovothinkpad_t430sMatch-

Node

lenovothinkpad_t520_firmwareMatch-

AND

lenovothinkpad_t520Match-

Node

lenovothinkpad_t520i_firmwareMatch-

AND

lenovothinkpad_t520iMatch-

Node

lenovothinkpad_t530_firmwareMatch-

AND

lenovothinkpad_t530Match-

Node

lenovothinkpad_t530i_firmwareMatch-

AND

lenovothinkpad_t530iMatch-

Node

lenovothinkpad_t540_firmwareMatch-

AND

lenovothinkpad_t540Match-

Node

lenovothinkpad_t540p_firmwareMatch-

AND

lenovothinkpad_t540pMatch-

Node

lenovothinkpad_t550_firmwareMatch-

AND

lenovothinkpad_t550Match-

Node

lenovothinkpad_t560_firmwareMatch-

AND

lenovothinkpad_t560Match-

Node

lenovothinkpad_t570_firmwareMatch-

AND

lenovothinkpad_t570Match-

Node

lenovothinkpad_t580_firmwareMatch-

AND

lenovothinkpad_t580Match-

Node

lenovothinkpad_twist_firmwareMatch-

AND

lenovothinkpad_twistMatch-

Node

lenovothinkpad_s230u_firmwareMatch-

AND

lenovothinkpad_s230uMatch-

Node

lenovothinkpad_w530_firmwareMatch-

AND

lenovothinkpad_w530Match-

Node

lenovothinkpad_w540_firmwareMatch-

AND

lenovothinkpad_w540Match-

Node

lenovothinkpad_w541_firmwareMatch-

AND

lenovothinkpad_w541Match-

Node

lenovothinkpad_w550s_firmwareMatch-

AND

lenovothinkpad_w550sMatch-

Node

lenovothinkpad_x1_carbon_firmwareMatch-

AND

lenovothinkpad_x1_carbonMatch-

Node

lenovothinkpad_x1_yoga_firmwareMatch-

AND

lenovothinkpad_x1_yogaMatch-

Node

lenovothinkpad_x1_firmwareMatch-

AND

lenovothinkpad_x1Match-

Node

lenovothinkpad_x1_hybrid_firmwareMatch-

AND

lenovothinkpad_x1_hybridMatch-

Node

lenovothinkpad_x220_firmwareMatch-

AND

lenovothinkpad_x220Match-

Node

lenovothinkpad_x220i_firmwareMatch-

AND

lenovothinkpad_x220iMatch-

Node

lenovothinkpad_x220_tablet_firmwareMatch-

AND

lenovothinkpad_x220_tabletMatch-

Node

lenovothinkpad_x230_firmwareMatch-

AND

lenovothinkpad_x230Match-

Node

lenovothinkpad_x230i_firmwareMatch-

AND

lenovothinkpad_x230iMatch-

Node

lenovothinkpad_x230_tablet_firmwareMatch-

AND

lenovothinkpad_x230_tabletMatch-

Node

lenovothinkpad_x230i_tablet_firmwareMatch-

AND

lenovothinkpad_x230i_tabletMatch-

Node

lenovothinkpad_x230s_firmwareMatch-

AND

lenovothinkpad_x230sMatch-

Node

lenovothinkpad_x240s_firmwareMatch-

AND

lenovothinkpad_x240sMatch-

Node

lenovothinkpad_x240_firmwareMatch-

AND

lenovothinkpad_x240Match-

Node

lenovothinkpad_x250_firmwareMatch-

AND

lenovothinkpad_x250Match-

Node

lenovothinkpad_x280_firmwareMatch-

AND

lenovothinkpad_x280Match-

Node

lenovothinkpad_yoga_11e_firmwareMatch-

AND

lenovothinkpad_yoga_11eMatch-

VendorProductVersionCPE
lenovosynaptics_thinkpad_ultranav_driver18.0.7.119cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:18.0.7.119:*:*:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:*:*
lenovosynaptics_thinkpad_ultranav_driver19.5.19.33cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.5.19.33:*:*:*:*:*:*:*
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
lenovosynaptics_thinkpad_ultranav_driver19.0.17.140cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.0.17.140:*:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
lenovosynaptics_thinkpad_ultranav_driver19.3.4.219cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.3.4.219:*:*:*:*:*:*:*
lenovosynaptics_thinkpad_ultranav_driver16.2.19.23cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:16.2.19.23:*:*:*:*:*:*:*
lenovosynaptics_thinkpad_ultranav_driver18.1.27.42cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:18.1.27.42:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lenovo	synaptics_thinkpad_ultranav_driver	18.0.7.119	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:18.0.7.119:::::::*
microsoft	windows_7	-	cpe:2.3:o:microsoft:windows_7:-:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-::::pro_n:::
lenovo	synaptics_thinkpad_ultranav_driver	19.5.19.33	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.5.19.33:::::::*
microsoft	windows_10	-	cpe:2.3:o:microsoft:windows_10:-:::::::*
lenovo	synaptics_thinkpad_ultranav_driver	19.0.17.140	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.0.17.140:::::::*
microsoft	windows_8.1	-	cpe:2.3:o:microsoft:windows_8.1:-:::::::*
lenovo	synaptics_thinkpad_ultranav_driver	19.3.4.219	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:19.3.4.219:::::::*
lenovo	synaptics_thinkpad_ultranav_driver	16.2.19.23	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:16.2.19.23:::::::*
lenovo	synaptics_thinkpad_ultranav_driver	18.1.27.42	cpe:2.3:a:lenovo:synaptics_thinkpad_ultranav_driver:18.1.27.42:::::::*

Rows per page:

1-10 of 1261

References

support.lenovo.com/bg/en/product_security/len-24573

support.lenovo.com/us/en/solutions/LEN-24573

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2018-16098

lenovo2 prion1 cvelist1 cve1