Vulnerabilities > CVE-2019-6172 - Unspecified vulnerability in Lenovo products

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
lenovo

Summary

A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution.

Vulnerable Configurations

Part Description Count
OS
Lenovo
392
Hardware
Lenovo
392