Description

An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.

INFO

Published Date :

2024-09-13T17:29:08.267Z

Last Modified :

2024-09-16T17:38:38.871Z

Source :

lenovo
AFFECTED PRODUCTS

The following products are affected by CVE-2024-45105 vulnerability.

Vendors Products
Lenovo
  • Thinkagile Hx1331 Firmware
  • Thinkagile Hx2330 Firmware
  • Thinkagile Hx2331 Firmware
  • Thinkagile Hx3330 Firmware
  • Thinkagile Hx3331 Firmware
  • Thinkagile Hx3331 Node Sap Hana
  • Thinkagile Hx3375 Firmware
  • Thinkagile Hx3376 Firmware
  • Thinkagile Hx5530 Firmware
  • Thinkagile Hx5531 Firmware
  • Thinkagile Hx630 V3 Certified Node Firmware
  • Thinkagile Hx630 V3 Firmware
  • Thinkagile Hx645 V3 Certified Node Firmware
  • Thinkagile Hx645 V3 Integrated System Firmware
  • Thinkagile Hx650 V3 Certified Node Firmware
  • Thinkagile Hx650 V3 Firmware
  • Thinkagile Hx665 V3 Certified Node Firmware
  • Thinkagile Hx665 V3 Integrated System Firmware
  • Thinkagile Hx665 V3 Storage Certified Node Firmware
  • Thinkagile Hx665 V3 Storage Integrated Node Firmware
  • Thinkagile Hx7530 Appl For Sap Hana
  • Thinkagile Hx7531 Firmware
  • Thinkagile Hx7531 Node Sap Hana
  • Thinkagile Mx3330-f All-flash Firmware
  • Thinkagile Mx3330-h Hybrid Firmware
  • Thinkagile Mx3331-f All-flash Firmware
  • Thinkagile Mx3331-h Hybrid Firmware
  • Thinkagile Mx3530-h Hybrid Firmware
  • Thinkagile Mx3530 F All Flash Firmware
  • Thinkagile Mx3531-f All-flash Firmware
  • Thinkagile Mx3531 H Hybrid Firmware
  • Thinkagile Mx630 V3 Certified Node Firmware
  • Thinkagile Mx630 V3 Intergrated System Firmware
  • Thinkagile Mx650 V3 Certified Node Firmware
  • Thinkagile Mx650 V3 Intergrated System Firmware
  • Thinkagile Vx2330 Firmware
  • Thinkagile Vx3330 Firmware
  • Thinkagile Vx3331 Firmware
  • Thinkagile Vx3530-g Firmware
  • Thinkagile Vx5530 Firmware
  • Thinkagile Vx630 V3 Certified Node Firmware
  • Thinkagile Vx635 V3 Certified Node Firmware
  • Thinkagile Vx635 V3 Integrated System Firmware
  • Thinkagile Vx645 V3 Certified Node Firmware
  • Thinkagile Vx645 V3 Integrated System Firmware
  • Thinkagile Vx650 V3 Certified Node Firmware
  • Thinkagile Vx650 V3 Dpu Certified Node Firmware
  • Thinkagile Vx650 V3 Dpu Integrated System Firmware
  • Thinkagile Vx650 V3 Dpu Sap Hana Certified Node Firmware
  • Thinkagile Vx650 V3 Dpu Sap Hana Firmware
  • Thinkagile Vx650 V3 Integrated System Firmware
  • Thinkagile Vx655 V3 Certified Node Firmware
  • Thinkagile Vx655 V3 Integrated System Firmware
  • Thinkagile Vx665 V3 Certified Node Firmware
  • Thinkagile Vx665 V3 Integrated System Firmware
  • Thinkagile Vx7330 Firmware
  • Thinkagile Vx7530 Firmware
  • Thinkagile Vx7531 Firmware
  • Thinkedge Se350 V2 Firmware
  • Thinkedge Se360 V2 Firmware
  • Thinkedge Se450 Firmware
  • Thinkedge Se455 V3 Firmware
  • Thinksystem Sd530 V3 Firmware
  • Thinksystem Sd550 V3 Firmware
  • Thinksystem Sd630 V2 Firmware
  • Thinksystem Sd650-n V2 Firmware
  • Thinksystem Sd650 V2 Firmware
  • Thinksystem Sd650 V3 Firmware
  • Thinksystem Sd665 V3 Firmware
  • Thinksystem Sn550 V2 Firmware
  • Thinksystem Sr250 V2 Firmware
  • Thinksystem Sr250 V3 Firmware
  • Thinksystem Sr258 V2 Firmware
  • Thinksystem Sr258 V3 Firmware
  • Thinksystem Sr630 V2 Firmware
  • Thinksystem Sr630 V3 Firmware
  • Thinksystem Sr635 V3 Firmware
  • Thinksystem Sr645 Firmware
  • Thinksystem Sr645 V3 Firmware
  • Thinksystem Sr650 V2 Firmware
  • Thinksystem Sr650 V3 Firmware
  • Thinksystem Sr655 V3 Firmware
  • Thinksystem Sr665 Firmware
  • Thinksystem Sr665 V3 Firmware
  • Thinksystem Sr670 V2 Firmware
  • Thinksystem Sr675 V3 Firmware
  • Thinksystem Sr850 V2 Firmware
  • Thinksystem Sr850 V3 Firmware
  • Thinksystem Sr860 V2 Firmware
  • Thinksystem Sr860 V3 Firmware
  • Thinksystem Sr950 V3 Firmware
  • Thinksystem St250 V2 Firmware
  • Thinksystem St250 V3 Firmware
  • Thinksystem St258 V2 Firmware
  • Thinksystem St258 V3 Firmware
  • Thinksystem St650 V2 Firmware
  • Thinksystem St650 V3 Firmware
  • Thinksystem St658 V2 Firmware
  • Thinksystem St658 V3 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45105.

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact