PT-2018-18846 · Lenovo+2 · Lenovo System X+2
Publicado
2018-11-16
·
Atualizado
2019-10-03
·
CVE-2018-9085
CVSS v3.1
4.9
Média
| Vetor | AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Lenovo and IBM System x servers (affected versions not specified)
Description
A security issue was found in older generation Lenovo and IBM System x servers. The problem is related to a write protection lock bit that is not set after the system boots. This could allow an attacker who already has administrator access to change certain parts of the system's flash memory. Specifically, the attacker could modify the Intel Server Platform Services (SPS) and the system Flash Descriptors.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm System X
Intel Server Platform Services
Lenovo System X