CVE-2018-9084

Summary

In System Management Module (SMM) versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented.

Affected Software

VendorProductVersion RangeStatus
LenovoThinkSystem SMMunspecified < 1.06affected

Weaknesses

  • Privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References