CVE-2019-6190 | Severity.io

Description

Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled.

Related CPE's

thinkcentre_e93_firmware

Vulnerable

thinkcentre_e93

thinkcentre_m6500s_firmware

Vulnerable

thinkcentre_m6500s

thinkcentre_m6500t_firmware

Vulnerable

thinkcentre_m6500t

thinkcentre_m73p_firmware

Vulnerable

thinkcentre_m73p

thinkcentre_m83_firmware

Vulnerable

thinkcentre_m83

thinkcentre_m8500s_firmware

Vulnerable

thinkcentre_m8500s

thinkcentre_m8500t_firmware

Vulnerable

thinkcentre_m8500t

thinkcentre_m93_firmware

Vulnerable

thinkcentre_m93

thinkcentre_m93p_firmware

Vulnerable

thinkcentre_m93p

thinkstation_e32_firmware

Vulnerable

thinkstation_e32

thinkstation_p300_firmware

Vulnerable

thinkstation_p300

thinkstation_c30_refresh_firmware

Vulnerable

thinkstation_c30_refresh

thinkstation_d30_refresh_firmware

Vulnerable

thinkstation_d30_refresh

thinkstation_p410_firmware

Vulnerable

thinkstation_p410

thinkstation_p500_firmware

Vulnerable

thinkstation_p500

thinkstation_p510_firmware

Vulnerable

thinkstation_p510

thinkstation_p700_firmware

Vulnerable

thinkstation_p700

thinkstation_p710_firmware

Vulnerable

thinkstation_p710

thinkstation_p720_firmware

Vulnerable

thinkstation_p720

thinkstation_p900_firmware

Vulnerable

thinkstation_p900

thinkstation_p910_firmware

Vulnerable

thinkstation_p910

thinkstation_p920_firmware

Vulnerable

thinkstation_p920

thinkstation_s30_refresh_firmware

Vulnerable

thinkstation_s30_refresh

h50-30g_desktop_firmware

Vulnerable

h50-30g_desktop

lenovo_63_desktop_firmware

Vulnerable

lenovo_63_desktop

m4500_desktop_firmware

Vulnerable

m4500_id_desktop_firmware

Vulnerable

m4500_id_desktop

m4550_id_desktop_firmware

Vulnerable

m4550_id_desktop

qitian_4500_desktop_firmware

Vulnerable

qitian_4500_desktop

qitian_b4550_desktop_firmware

Vulnerable

qitian_b4550_desktop

qitian_m4550_desktop_firmware

Vulnerable

qitian_m4550_desktop

thinkcentre_e73_desktop_firmware

Vulnerable

thinkcentre_e73_desktop

thinkcentre_e73s_desktop_firmware

Vulnerable

thinkcentre_e73s_desktop

thinkcentre_m4500k_desktop_firmware

Vulnerable

thinkcentre_m4500k_desktop

thinkcentre_m4500s_desktop_firmware

Vulnerable

thinkcentre_m4500s_desktop

thinkcentre_m4500t_desktop_firmware

Vulnerable

thinkcentre_m4500t_desktop

thinkcentre_m73_desktop_firmware

Vulnerable

thinkcentre_m73_desktop

yangtian_afh81_desktop_firmware

Vulnerable

yangtian_afh81_desktop

yangtian_mc_h81_desktop_firmware

Vulnerable

yangtian_mc_h81_desktop

yangtian_mf_h81_pci_desktop_firmware

Vulnerable

yangtian_mf_h81_pci_desktop

yangtian_ms_h81_desktop_firmware

Vulnerable

yangtian_ms_h81_desktop

yangtian_tc_h81_pci_desktop_firmware

Vulnerable

yangtian_tc_h81_pci_desktop

yangtian_wcc_h81_pci_desktop_firmware

Vulnerable

yangtian_wcc_h81_pci_desktop

yangtian_wf_h81_pci_desktop_firmware

Vulnerable

yangtian_wf_h81_pci_desktop

yangtian_ws_h81_desktop_firmware

Vulnerable

yangtian_ws_h81_desktop

thinkcentre_m9350z_firmware

Vulnerable

thinkcentre_m9350z

thinkcentre_m93z_firmware

Vulnerable

thinkcentre_m93z

thinkcentre_m73_tiny_firmware

Vulnerable

thinkcentre_m73_tiny

thinkcentre_m4500q_firmware

Vulnerable

thinkcentre_m4500q

thinkcentre_m9550z_firmware

Vulnerable

thinkcentre_m9550z

thinkcentre_m9500z_firmware

Vulnerable

thinkcentre_m9500z

thinkcentre_m900z_firmware

Vulnerable

thinkcentre_m900z

thinkcenter_m700z_firmware

Vulnerable

thinkcenter_m700z

thinkcenter_m800z_firmware

Vulnerable

thinkcenter_m800z

thinkcentre_e74z_firmware

Vulnerable

thinkcentre_e74z

thinkcentre_m700z_firmware

Vulnerable

thinkcentre_m700z

thinkcentre_m7300z_firmware

Vulnerable

thinkcentre_m7300z

thinkcentre_m800z_firmware

Vulnerable

thinkcentre_m800z

thinkcentre_m8300z_firmware

Vulnerable

thinkcentre_m8300z

thinkcentre_m8350z_firmware

Vulnerable

thinkcentre_m8350z

thinkcentre_m83z_firmware

Vulnerable

thinkcentre_m83z

ideacentre_700_firmware

Vulnerable

thinkcentre_m6600_firmware

Vulnerable

thinkcentre_m6600

thinkcentre_m6600q_firmware

Vulnerable

thinkcentre_m6600q

thinkcentre_m6600s_firmware

Vulnerable

thinkcentre_m6600s

thinkcentre_m6600t_firmware

Vulnerable

thinkcentre_m6600t

thinkcentre_m700q_firmware

Vulnerable

thinkcentre_m700q

thinkcentre_m800_firmware

Vulnerable

thinkcentre_m800

thinkcentre_m8600s_firmware

Vulnerable

thinkcentre_m8600s

thinkcentre_m8600t_firmware

Vulnerable

thinkcentre_m8600t

thinkcentre_m900_firmware

Vulnerable

thinkcentre_m900

yangtian_afq150_firmware

Vulnerable

yangtian_afq150

yta8900f_firmware

Vulnerable

thinkstation_p310_firmware

Vulnerable

thinkstation_p310

qitian_b4650_firmware

Vulnerable

qitian_m4600_firmware

Vulnerable

qitian_m4650_firmware

Vulnerable

thinkcentre_e74_firmware

Vulnerable

thinkcentre_e74

thinkcentre_e74s_firmware

Vulnerable

thinkcentre_e74s

thinkcentre_m4600s_firmware

Vulnerable

thinkcentre_m4600s

thinkcentre_m4600t_firmware

Vulnerable

thinkcentre_m4600t

thinkcentre_m700s_firmware

Vulnerable

thinkcentre_m700s

thinkcentre_m700t_firmware

Vulnerable

thinkcentre_m700t

yangtian_afh110_firmware

Vulnerable

yangtian_afh110

yangtian_mc_h110_firmware

Vulnerable

yangtian_mc_h110

yangtian_mc_h110_pci_firmware

Vulnerable

yangtian_mc_h110_pci

yangtian_me_h110_firmware

Vulnerable

yangtian_me_h110

yangtian_mf_h110_pci_firmware

Vulnerable

yangtian_mf_h110_pci

yangtian_tc_h110_pci_firmware

Vulnerable

yangtian_tc_h110_pci

yangtian_wc_h110_pci_firmware

Vulnerable

yangtian_wc_h110_pci

yangtian_we_h110_firmware

Vulnerable

yangtian_we_h110

yangtian_wf_h110_pci_firmware

Vulnerable

yangtian_wf_h110_pci

thinkcentre_m600_firmware

Vulnerable

thinkcentre_m600

thinkcentre_x1_aio_firmware

Vulnerable

thinkcentre_x1_aio

thinkcentre_m79_firmware

Vulnerable

thinkcentre_m79

qitian_b5900_firmware

Vulnerable

yangtian_ytm6900e-00_firmware

Vulnerable

yangtian_ytm6900e-00

thinkcentre_s510_firmware

Vulnerable

thinkcentre_s510

qt_m410_firmware

Vulnerable

qt_b415_firmware

Vulnerable

qt_m415_firmware

Vulnerable

thinkcentre_e75t_firmware

Vulnerable

thinkcentre_e75t

thinkcentre_e75s_firmware

Vulnerable

thinkcentre_e75s

thinkcentre_m710t_firmware

Vulnerable

thinkcentre_m710t

thinkcentre_m710s_firmware

Vulnerable

thinkcentre_m710s

v520s-08ikl_firmware

Vulnerable

v520t-15ikl_firmware

Vulnerable

Vulnerable

Vulnerable

qt_a7400_firmware

Vulnerable

thinkcentre_m610_firmware

Vulnerable

thinkcentre_m610

thinkcentre_m710q_firmware

Vulnerable

thinkcentre_m710q

thinkcentre_m910q_firmware

Vulnerable

thinkcentre_m910q

thinkcentre_m910s_firmware

Vulnerable

thinkcentre_m910s

thinkcentre_m910t_firmware

Vulnerable

thinkcentre_m910t

thinkcentre_m910x_firmware

Vulnerable

thinkcentre_m910x

thinkstation_p318_firmware

Vulnerable

thinkstation_p318

thinkstation_p320_tiny_firmware

Vulnerable

thinkstation_p320_tiny

thinkcentre_m720q_firmware

Vulnerable

thinkcentre_m720q

thinkcentre_m720t_firmware

Vulnerable

thinkcentre_m720t

thinkcentre_m720s_firmware

Vulnerable

thinkcentre_m720s

thinkcentre_m920q_firmware

Vulnerable

thinkcentre_m920q

thinkcentre_m920x_firmware

Vulnerable

thinkcentre_m920x

thinkcentre_m920t_firmware

Vulnerable

thinkcentre_m920t

thinkcentre_m920s_firmware

Vulnerable

thinkcentre_m920s

thinkstation_p330_tiny_firmware

Vulnerable

thinkstation_p330_tiny

thinkstation_p330_firmware

Vulnerable

thinkstation_p330

thinkcentre_m715q_firmware

Vulnerable

thinkcentre_m715q

thinkcentre_m910z_firmware

Vulnerable

thinkcentre_m910z

ideacentre_310s-08igm_firmware

Vulnerable

ideacentre_310s-08igm

lenovo_v330-15igm_firmware

Vulnerable

lenovo_v330-15igm

thinkcentre_m625q_firmware

Vulnerable

thinkcentre_m625q

thinkcentre_m715q_rr_firmware

Vulnerable

thinkcentre_m715q_rr

qitian_a815_firmware

Vulnerable

thinkcentre_m820z_firmware

Vulnerable

thinkcentre_m820z

thinkcentre_m920z_firmware

Vulnerable

thinkcentre_m920z

thinkcentre_e95z_firmware

Vulnerable

thinkcentre_e95z

thinkcentre_m818z_firmware

Vulnerable

thinkcentre_m818z

Vulnerable

thinkcentre_m810z_firmware

Vulnerable

thinkcentre_m810z

v540-24iwl_firmware

Vulnerable

thinkcentre_m710e_firmware

Vulnerable

thinkcentre_m710e

v530-22icb_firmware

Vulnerable

v530-24icb_firmware

Vulnerable

v530s-07icb_firmware

Vulnerable

ideacentre_720-18apr_firmware

Vulnerable

ideacentre_720-18apr

thinkcentre_m725s_firmware

Vulnerable

thinkcentre_m725s

thinkcentre_e96z_firmware

Vulnerable

thinkcentre_e96z

thinkcentre_m90n-1_firmware

Vulnerable

thinkcentre_m90n-1

ideacentre_310s-08asr_firmware

Vulnerable

ideacentre_310s-08asr

510-15ikl_firmware

Vulnerable

510s-08ikl_firmware

Vulnerable

thinkcentre_m715t_firmware

Vulnerable

thinkcentre_m715t

thinkcentre_m715s_firmware

Vulnerable

thinkcentre_m715s

legion_t530-28icb_reflash_firmware

Vulnerable

legion_t530-28icb_reflash

legion_t530-28icb_firmware

Vulnerable

legion_t530-28icb

legion_c530-19icb_firmware

Vulnerable

legion_c530-19icb

ideacentre_510-15icb_firmware

Vulnerable

ideacentre_510-15icb

ideacentre_510a-15icb_firmware

Vulnerable

ideacentre_510a-15icb

ideacentre_720-18icb_firmware

Vulnerable

ideacentre_720-18icb

legion_c730-19ico_firmware

Vulnerable

legion_c730-19ico

legion_t730-28ico_firmware

Vulnerable

legion_t730-28ico

aio520-24iku_firmware

Vulnerable

aio520-22iku_firmware

Vulnerable

aio_520-24ast_firmware

Vulnerable

aio520-27ikl_firmware

Vulnerable

a340-22ast_firmware

Vulnerable

legion_t530-28apr_firmware

Vulnerable

legion_t530-28apr

legion_t530-28apr_reflash_firmware

Vulnerable

legion_t530-28apr_reflash

thinkstation_p520_firmware

Vulnerable

thinkstation_p520

thinkstation_p520c_firmware

Vulnerable

thinkstation_p520c

thinkstation_p320_firmware

Vulnerable

thinkstation_p320

a340-24_iwl_firmware

Vulnerable

a340-22_iwl_firmware

Vulnerable

a340-22icb_firmware

Vulnerable

a340-24icb_firmware

Vulnerable

yogo_a940-27icb_firmware

Vulnerable

yogo_a940-27icb

aio520-24arr_firmware

Vulnerable

ideacentre_730s-24ikb_firmware

Vulnerable

ideacentre_730s-24ikb

legion_y520t_z370_firmware

Vulnerable

legion_y520t_z370

aio_330-20igm_firmware

Vulnerable

aio_330-20ast_firmware

Vulnerable

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/176178

Third Party AdvisoryVDB Entry

https://support.lenovo.com/us/en/product_security/LEN-28078

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-665

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 · Medium

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2020-02-14T17:15:12.940

5 years ago

Last modified

2020-03-16T13:10:38.093

5 years ago