Unrated severityNVD Advisory· Published Nov 27, 2018· Updated Aug 5, 2024
System Management Module Vulnerabilities
CVE-2018-16089
Description
In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
Affected products
1- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- support.lenovo.com/us/en/solutions/LEN-24374mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.