threat
engine
.sh
Back
·
··:··
Home
/
Product
/
lenovo thinkpad x390 yoga firmware
Product
lenovo thinkpad x390 yoga firmware
15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-48189
< 1.95
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and ele
6.7
MEDIUM
CVE-2023-2290
all versions
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privi
6.4
MEDIUM
CVE-2022-40134
all versions
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local
4.4
MEDIUM
CVE-2021-3843
< n2let87w
A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and
6.7
MEDIUM
CVE-2021-3786
< n2let87w
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems cou
4.4
MEDIUM
CVE-2021-3718
< n2let87w
A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biomet
4.3
MEDIUM
CVE-2021-3599
< n2let87w
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker w
6.7
MEDIUM
CVE-2019-18619
< 6.0.36.1105
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-
7.8
HIGH
CVE-2019-18618
< 6.0.36.1105
Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions
6.0
MEDIUM
CVE-2020-8336
< n2let74w
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash
6.4
MEDIUM
CVE-2020-8323
< 2020-06-24
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Len
6.4
MEDIUM
CVE-2020-8320
< 2020-06-24
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
6.4
MEDIUM
CVE-2019-6188
all versions
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS vers
9.8
CRITICAL
CVE-2019-6172
all versions
A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checkin
6.4
MEDIUM
CVE-2019-6170
all versions
A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phas
6.4
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin