PT-2018-18830 · Lenovo · Lenovo Ideapad

Published

2018-10-02

Updated

2020-02-18

CVE-2018-9069

CVSS v2.0

7.0

High

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions Lenovo IdeaPad (affected versions not specified)

Description A race condition in the BIOS flash device locking mechanism of some Lenovo IdeaPad consumer notebook models is not adequately protected, potentially allowing an attacker with administrator access to alter the contents of BIOS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2018-9069

Affected Products

Lenovo Ideapad

PT-2018-18830 · Lenovo · Lenovo Ideapad

CVE-2018-9069

Weakness Enumeration

Related Identifiers

Affected Products

References · 3