Vulnerabilities > Lenovo > Thinkagile Hx1021 EDG Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-4607 Improper Privilege Management vulnerability in Lenovo products
An authenticated XCC user can change permissions for any user through a crafted API command.
network
low complexity
lenovo CWE-269
8.8
8.8
2023-01-30 CVE-2022-40137 Classic Buffer Overflow vulnerability in Lenovo products
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
local
low complexity
lenovo CWE-120
6.7
6.7