Vulnerabilities > Lenovo > System X3750 M4 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-14 | CVE-2020-8332 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. | 6.4 |
| 2018-11-16 | CVE-2018-9085 | Incorrect Default Permissions vulnerability in multiple products A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors. | 4.9 |