CVE-2019-6188

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, and T470p, BIOS versions up to R0FET50W, which may allow for unauthorized access.

Published: Nov 12, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-6188
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
lenovo / thinkpad_helix_firmware	-	gfet65ww
lenovo / thinkpad_s531_firmware	-	gket46ww
lenovo / thinkpad_t440_firmware	-	gjeta3ww
lenovo / thinkpad_t440s_firmware	-	gjeta3ww
lenovo / thinkpad_t440p_firmware	-	gleta0ww
lenovo / thinkpad_t540p_firmware	-	gmet89ww
lenovo / thinkpad_w540_firmware	-	gnet92ww
lenovo / thinkpad_w541_firmware	-	gnet92ww
lenovo / thinkpad_x240_firmware	-	giet98ww
lenovo / thinkpad_x240s_firmware	-	giet98ww

https://support.lenovo.com/us/en/product_security/LEN-27714

Vulnerability Database

289,782

CVE-2019-6188