CVE-2019-6171

Summary

A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller with unsigned firmware.

Affected Software

VendorProductVersion RangeStatus
LenovoBIOSvariousaffected

Weaknesses

  • Privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References