CVE-2018-9062

In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code.

Published : 2018-07-19 19:29 Updated : 2019-10-15 18:03

7.2
CVSS Score More info
Score 7.2 / 10
7.2

CPE

There is no CPE for this CVE.

CWE

ID Name Description Links
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. CVE

History of changes

Date Event
2019-10-15 18:03
2019-10-09 23:43
2018-07-19 19:29

New CVE