Vulnerabilities

CVE-2016-8230

UNKNOWN

In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers.

Published Jun 03, 2017

CVE-2016-8228

UNKNOWN

In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges.

Published Jun 03, 2017

CVE-2017-3741

UNKNOWN

In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.

Published Jun 03, 2017

CVE-2016-8237

UNKNOWN

Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.

Published Apr 10, 2017

CVE-2016-8235

UNKNOWN

Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.

Published Apr 10, 2017

CVE-2016-8236

UNKNOWN

Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350 during a prolonged broadcast storm in TSM versions earlier than 3.77.

Published Mar 03, 2017

CVE-2016-8233

UNKNOWN

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.

Published Mar 01, 2017

CVE-2016-8226

UNKNOWN

The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure.

Published Jan 26, 2017

CVE-2016-8225

UNKNOWN

Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.

Published Jan 26, 2017

CVE-2016-8227

UNKNOWN

Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges.

Published Jan 26, 2017

CVE-2016-8221

UNKNOWN

Privilege escalation in Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.0: if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code.

Published Jan 12, 2017

CVE-2016-8222

UNKNOWN

A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.

Published Nov 30, 2016

CVE-2016-8224

UNKNOWN

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.

Published Nov 29, 2016

CVE-2016-8223

UNKNOWN

During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges.

Published Nov 29, 2016