CVE-2024-45105
Published: Sep 13, 2024
Modified: Sep 16, 2024
CVSS v3.1
6.7
Description
An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.
| Vendor | Product | Versions |
|---|---|---|
Lenovo | HX5530 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX645 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | HX665 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | ST250 V3 (ThinkSystem) BIOS | affected 0 - < CTE110I |
Lenovo | VX3331 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX1331 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX2330 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX2331 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX3330 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX3331 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX3331 Node SAP HANA (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX3375 Appliance (ThinkAgile) BIOS | affected 0 - < D8E138D |
Lenovo | HX3376 Certified Node (ThinkAgile) BIOS | affected 0 - < D8E138D |
Lenovo | HX5531 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX630 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | HX630 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | HX645 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | HX650 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | HX650 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | HX665 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | HX665 V3 Storage Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | HX665 V3 Storage Integrated Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | HX7530 Appl for SAP HANA (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX7531 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | HX7531 Node SAP HANA (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3330-F All-flash Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3330-H Hybrid Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3331-F All-flash Certified node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3331-H Hybrid Certified node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3530 F All flash Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3530-H Hybrid Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3531 H Hybrid Certified node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX3531-F All-flash Certified node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | MX630 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | MX630 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | MX650 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | MX650 v3 Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | SD530 V3 (ThinkSystem) BIOS | affected 0 - < FNE118D |
Lenovo | SD550 V3 (ThinkSystem) BIOS | affected 0 - < FNE118D |
Lenovo | SD630 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | SD650 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | SD650 V3 (ThinkSystem) BIOS | affected 0 - < USE130G |
Lenovo | SD650-N V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | SD665 V3 (ThinkSystem) BIOS | affected 0 - < QGE124H |
Lenovo | SE350 V2 (ThinkEdge) BIOS | affected 0 - < IYE110F |
Lenovo | SE360 V2 (ThinkEdge) BIOS | affected 0 - < IYE110F |
Lenovo | SE450 (ThinkEdge) BIOS | affected 0 - < CME116D |
Lenovo | SE455 V3 (ThinkEdge) BIOS | affected 0 - < MBE110H |
Lenovo | SN550 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | SR250 V2 (ThinkSystem) BIOS | affected 0 - < TQE116C |
Lenovo | SR250 V3 (ThinkSystem) BIOS | affected 0 - < CTE110I |
Lenovo | SR258 V2 (ThinkSystem) BIOS | affected 0 - < TQE116C |
Lenovo | SR258 V3 (ThinkSystem) BIOS | affected 0 - < CTE110I |
Lenovo | SR630 V2 (ThinkSystem) BIOS | affected 0 - < AFE130C |
Lenovo | SR630 V3 (ThinkSystem) BIOS | affected 0 - < ESE126H |
Lenovo | SR635 V3 (ThinkSystem) BIOS | affected 0 - < KAE120J |
Lenovo | SR645 (ThinkSystem) BIOS | affected 0 - < D8E138D |
Lenovo | SR645 V3 (ThinkSystem) BIOS | affected 0 - < KAE120J |
Lenovo | SR650 V2 (ThinkSystem) BIOS | affected 0 - < AFE130C |
Lenovo | SR650 V3 (ThinkSystem) BIOS | affected 0 - < ESE126H |
Lenovo | SR655 V3 (ThinkSystem) BIOS | affected 0 - < KAE120J |
Lenovo | SR665 (ThinkSystem) BIOS | affected 0 - < D8E138D |
Lenovo | SR665 V3 (ThinkSystem) BIOS | affected 0 - < KAE120J |
Lenovo | SR670 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | SR675 V3 (ThinkSystem) BIOS | affected 0 - < QGE124H |
Lenovo | SR850 V2 (ThinkSystem) BIOS | affected 0 - < M5E128I |
Lenovo | SR850 V3 (ThinkSystem) BIOS | affected 0 - < RSE110H |
Lenovo | SR860 V2 (ThinkSystem) BIOS | affected 0 - < M5E128I |
Lenovo | SR860 V3 (ThinkSystem) BIOS | affected 0 - < RSE110H |
Lenovo | SR950 V3 (ThinkSystem) BIOS | affected 0 - < EBE108H |
Lenovo | ST250 V2 (ThinkSystem) BIOS | affected 0 - < TQE116C |
Lenovo | ST258 V2 (ThinkSystem) BIOS | affected 0 - < TQE116C |
Lenovo | ST258 V3 (ThinkSystem) BIOS | affected 0 - < CTE110I |
Lenovo | ST650 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | ST650 V3 (ThinkSystem) BIOS | affected 0 - < USE130G |
Lenovo | ST658 V2 (ThinkSystem) BIOS | affected 0 - < U8E128L |
Lenovo | ST658 V3 (ThinkSystem) BIOS | affected 0 - < USE130G |
Lenovo | VX2330 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | VX3330 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | VX3530-G Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | VX5530 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | VX630 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX635 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX635 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX645 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX645 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX650 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX650 V3 DPU Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX650 V3 DPU Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX650 V3 DPU SAP HANA Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX650 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX650 V3 SAP HANA Certified Node (ThinkAgile) BIOS | affected 0 - < ESE126H |
Lenovo | VX655 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX655 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX665 V3 Certified Node (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX665 V3 Integrated System (ThinkAgile) BIOS | affected 0 - < KAE120J |
Lenovo | VX7330 Appliance (Thinkagile) BIOS | affected 0 - < AFE130C |
Lenovo | VX7530 Appliance (ThinkAgile) BIOS | affected 0 - < AFE130C |
Lenovo | VX7531 Certified Node (ThinkAgile) BIOS | affected 0 - < AFE130C |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now