CVE-2020-8320
https://notcve.org/view.php?id=CVE-2020-8320
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. Un shell interno fue incluido en la imagen del BIOS en algunos modelos de ThinkPad que podría permitir una escalada de privilegios • https://support.lenovo.com/us/en/product_security/LEN-30042 • CWE-269: Improper Privilege Management CWE-489: Active Debug Code •
CVE-2019-6192 – Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2019-6192
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service. Ha sido reportada una posible vulnerabilidad en Lenovo Power Management Driver versiones anteriores a la versión 1.67.17.48, conllevando un desbordamiento de búfer que podría causar una denegación de servicio. Lenovo Power Management Driver suffers from buffer overflow vulnerability. • https://www.exploit-db.com/exploits/47771 http://packetstormsecurity.com/files/155656/Lenovo-Power-Management-Driver-Buffer-Overflow.html https://support.lenovo.com/solutions/LEN-29334 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •