[rwth-security] CVE-2018-9083 - Lenovo System Management Module (SMM)

27 Nov 2018


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] bzw. [1] FYI
"In System Management Module (SMM) versions prior 
     to 1.06, the SMM contains weak default root credentials 
     which could be used to log in to the device OS -- if 
     the attacker manages to enable SSH or Telnet connections 
    via some other vulnerability."
VG
Bernd
[0]
https://cve.circl.lu/cve/CVE-2018-9083
[1]
https://cve.circl.lu/cve/CVE-2018-9083
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

2024

2023

2022

2021

2020

2019

2018

[rwth-security] CVE-2018-9083 - Lenovo System Management Module (SMM)