CVE-2024-2659

EPSS 0.43%
Published 15.04.2024 18:15:10
Last modified 28.07.2025 13:06:05
Source psirt@lenovo.com
Teams watchlist Login
Open Login

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ Nextscale N1200 Enclosure Firmware Version < FHET62A-3.50

Lenovo ≫ Nextscale N1200 Enclosure Version-

Lenovo ≫ Thinkagile Cp-cb-10 Firmware Version < TESM40B-1.27

Lenovo ≫ Thinkagile Cp-cb-10 Version-

Lenovo ≫ Thinkagile Cp-cb-10e Firmware Version < TESM40B-1.27

Lenovo ≫ Thinkagile Cp-cb-10e Version-

Lenovo ≫ Thinkagile Hx Enclosure Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx Enclosure Version-

Lenovo ≫ Thinkagile Hx3721 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx3721 Version-

Lenovo ≫ Thinkagile Hx1021 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx1021 Version-

Lenovo ≫ Thinkagile Hx E1 Enclosure Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx E1 Enclosure Version-

Lenovo ≫ Thinkagile Hx E2 Enclosure Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx E2 Enclosure Version-

Lenovo ≫ Thinkagile Hx1321 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx1321 Version-

Lenovo ≫ Thinkagile Hx2321 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx2321 Version-

Lenovo ≫ Thinkagile Hx3321 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx3321 Version-

Lenovo ≫ Thinkagile Hx1331 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx1331 Version-

Lenovo ≫ Thinkagile Hx2331 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx2331 Version-

Lenovo ≫ Thinkagile Hx3331 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx3331 Version-

Lenovo ≫ Thinkagile Hx630 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx630 V3 Version-

Lenovo ≫ Thinkagile Hx3376 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx3376 Version-

Lenovo ≫ Thinkagile Hx645 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx645 V3 Version-

Lenovo ≫ Thinkagile Hx1521-r Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx1521-r Version-

Lenovo ≫ Thinkagile Hx3521-g Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx3521-g Version-

Lenovo ≫ Thinkagile Hx5521 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx5521 Version-

Lenovo ≫ Thinkagile Hx5521-c Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx5521-c Version-

Lenovo ≫ Thinkagile Hx7521 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx7521 Version-

Lenovo ≫ Thinkagile Hx5531 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx5531 Version-

Lenovo ≫ Thinkagile Hx7531 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx7531 Version-

Lenovo ≫ Thinkagile Hx650 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx650 V3 Version-

Lenovo ≫ Thinkagile Hx665 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx665 V3 Version-

Lenovo ≫ Thinkagile Hx7821 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Hx7821 Version-

Lenovo ≫ Thinkagile Vx3720 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3720 Version-

Lenovo ≫ Thinkagile 2u4n Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile 2u4n Version-

Lenovo ≫ Thinkagile Vx1320 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx1320 Version-

Lenovo ≫ Thinkagile Vx 1se Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx 1se Version-

Lenovo ≫ Thinkagile Vx3320 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3320 Version-

Lenovo ≫ Thinkagile Vx2320 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx2320 Version-

Lenovo ≫ Thinkagile Vx7320-n Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7320-n Version-

Lenovo ≫ Thinkagile Vx 1u Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx 1u Version-

Lenovo ≫ Thinkagile Vx2330 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx2330 Version-

Lenovo ≫ Thinkagile Vx3330 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3330 Version-

Lenovo ≫ Thinkagile Vx7330-n Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7330-n Version-

Lenovo ≫ Thinkagile Vx3331 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3331 Version-

Lenovo ≫ Thinkagile Vx630 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx630 V3 Version-

Lenovo ≫ Thinkagile Vx630 V4 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx630 V4 Version-

Lenovo ≫ Thinkagile Vx635 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx635 V3 Version-

Lenovo ≫ Thinkagile Vx2375 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx2375 Version-

Lenovo ≫ Thinkagile Vx3375 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3375 Version-

Lenovo ≫ Thinkagile Vx7375-n Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7375-n Version-

Lenovo ≫ Thinkagile Vx3376 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3376 Version-

Lenovo ≫ Thinkagile Vx645 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx645 V3 Version-

Lenovo ≫ Thinkagile Vx5520 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx5520 Version-

Lenovo ≫ Thinkagile Vx7520 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7520 Version-

Lenovo ≫ Thinkagile Vx3520-g Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3520-g Version-

Lenovo ≫ Thinkagile Vx5520 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx5520 Version-

Lenovo ≫ Thinkagile Vx 2u Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx 2u Version-

Lenovo ≫ Thinkagile Vx3530-g Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3530-g Version-

Lenovo ≫ Thinkagile Vx5530 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx5530 Version-

Lenovo ≫ Thinkagile Vx7530 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7530 Version-

Lenovo ≫ Thinkagile Vx7531 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7531 Version-

Lenovo ≫ Thinkagile Vx650 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx650 V3 Version-

Lenovo ≫ Thinkagile Vx650 V4 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx650 V4 Version-

Lenovo ≫ Thinkagile Vx655 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx655 V3 Version-

Lenovo ≫ Thinkagile Vx5575 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx5575 Version-

Lenovo ≫ Thinkagile Vx7575 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7575 Version-

Lenovo ≫ Thinkagile Vx3575-g Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx3575-g Version-

Lenovo ≫ Thinkagile Vx665 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx665 V3 Version-

Lenovo ≫ Thinkagile Vx850 V3 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx850 V3 Version-

Lenovo ≫ Thinkagile Vx 4u Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx 4u Version-

Lenovo ≫ Thinkagile Vx7820 Firmware Version < tesm40b-1.27

Lenovo ≫ Thinkagile Vx7820 Version-

Lenovo ≫ Thinksystem D2 Enclosure Firmware Version < TESM40B-1.27

Lenovo ≫ Thinksystem D2 Enclosure Version-

Lenovo ≫ Thinksystem Da240 Firmware Version < UMSM12I-1.1.3

Lenovo ≫ Thinksystem Da240 Version-

Lenovo ≫ Thinksystem Dw612 Firmware Version < UMSM12I-1.1.3

Lenovo ≫ Thinksystem Dw612 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.43%	0.617

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
psirt@lenovo.com	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://support.lenovo.com/us/en/product_security/LEN-140420

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-2659

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-2659

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-2659

EUVD