CVE-2022-40136
https://notcve.org/view.php?id=CVE-2022-40136
An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •
CVE-2022-40135
https://notcve.org/view.php?id=CVE-2022-40135
An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •
CVE-2022-40134
https://notcve.org/view.php?id=CVE-2022-40134
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •
CVE-2021-3519
https://notcve.org/view.php?id=CVE-2021-3519
A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes. Se ha informado de una vulnerabilidad en algunos modelos de ordenadores de sobremesa de Lenovo que podía permitir el acceso no autorizado al menú de arranque, cuando la configuración de la BIOS "BIOS Password At Boot Device List" es Sí • https://support.lenovo.com/us/en/product_security/LEN-67440 • CWE-287: Improper Authentication •
CVE-2019-6190
https://notcve.org/view.php?id=CVE-2019-6190
Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled. Lenovo fue notificado de una potencial vulnerabilidad de denegación de servicio, que afecta a varias versiones de la BIOS para Lenovo Desktop, Desktop - All in One y ThinkStation, lo que podría causar que los PCR sean borrados de forma intermitente después de reanudar el modo de suspensión (S3) en sistemas con Intel TXT habilitado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176178 https://support.lenovo.com/us/en/product_security/LEN-28078 • CWE-665: Improper Initialization •