6.7
CVE-2024-45105
- EPSS 0.08%
- Veröffentlicht 13.09.2024 18:15:05
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle psirt@lenovo.com
- CVE-Watchlists
- Unerledigt
An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerlenovo
≫
Produkt
thinkagile_hx5530_firmware
Default Statusunaffected
Version
0
Version <
afe130c
Status
affected
Herstellerlenovo
≫
Produkt
thinkedge_se450__firmware
Default Statusunaffected
Version
0
Version <
cme116d
Status
affected
Herstellerlenovo
≫
Produkt
thinkedge_se350_v2_firmware
Default Statusunaffected
Version
0
Version <
iye110f
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_st250_v3_firmware
Default Statusunaffected
Version
0
Version <
cte110i
Status
affected
Herstellerlenovo
≫
Produkt
thinkagile_hx3375_firmware
Default Statusunaffected
Version
0
Version <
d8e138d
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sr950_v3_firmware
Default Statusunaffected
Version
0
Version <
ebe108h
Status
affected
Herstellerlenovo
≫
Produkt
thinkagile_hx650_v3_firmware
Default Statusunaffected
Version
0
Version <
ese126h
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sd530_v3_firmware
Default Statusunaffected
Version
0
Version <
fne118d
Status
affected
Herstellerlenovo
≫
Produkt
thinkagile_hx645_v3_integrated_system_firmware
Default Statusunaffected
Version
0
Version <
kae120j
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sr850_v2_firmware
Default Statusunaffected
Version
0
Version <
m5e128i
Status
affected
Herstellerlenovo
≫
Produkt
thinkedge_se455_v3_firmware
Default Statusunaffected
Version
0
Version <
mbe110h
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sd665_v3_firmware
Default Statusunaffected
Version
0
Version <
qge124h
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sr850_v3_firmware
Default Statusunaffected
Version
0
Version <
rse110h
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sr250_v2_firmware
Default Statusunaffected
Version
0
Version <
tqe116c
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sd630_v2_firmware
Default Statusunaffected
Version
0
Version <
u8e128l
Status
affected
Herstellerlenovo
≫
Produkt
thinksystem_sd650_v3_firmware
Default Statusunaffected
Version
0
Version <
use130g
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.236 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@lenovo.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-825 Expired Pointer Dereference
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.