Vulnerabilities > Lenovo > Flex System X440 M4 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-16 | CVE-2018-9085 | Incorrect Default Permissions vulnerability in multiple products A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors. | 4.9 |