Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-2659

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.

Published

2024-04-15T18:15:10.837

Last Modified

2025-07-28T13:06:05.163

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	lenovo	nextscale_n1200_enclosure_firmware	< FHET62A-3.50	Yes
Hardware	lenovo	nextscale_n1200_enclosure	-	No
Operating System	lenovo	thinkagile_cp-cb-10_firmware	< TESM40B-1.27	Yes
Hardware	lenovo	thinkagile_cp-cb-10	-	No
Operating System	lenovo	thinkagile_cp-cb-10e_firmware	< TESM40B-1.27	Yes
Hardware	lenovo	thinkagile_cp-cb-10e	-	No
Operating System	lenovo	thinkagile_hx_enclosure_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx_enclosure	-	No
Operating System	lenovo	thinkagile_hx3721_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx3721	-	No
Operating System	lenovo	thinkagile_hx1021_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx1021	-	No
Operating System	lenovo	thinkagile_hx_e1_enclosure_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx_e1_enclosure	-	No
Operating System	lenovo	thinkagile_hx_e2_enclosure_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx_e2_enclosure	-	No
Operating System	lenovo	thinkagile_hx1321_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx1321	-	No
Operating System	lenovo	thinkagile_hx2321_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx2321	-	No
Operating System	lenovo	thinkagile_hx3321_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx3321	-	No
Operating System	lenovo	thinkagile_hx1331_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx1331	-	No
Operating System	lenovo	thinkagile_hx2331_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx2331	-	No
Operating System	lenovo	thinkagile_hx3331_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx3331	-	No
Operating System	lenovo	thinkagile_hx630_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx630_v3	-	No
Operating System	lenovo	thinkagile_hx3376_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx3376	-	No
Operating System	lenovo	thinkagile_hx645_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx645_v3	-	No
Operating System	lenovo	thinkagile_hx1521-r_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx1521-r	-	No
Operating System	lenovo	thinkagile_hx3521-g_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx3521-g	-	No
Operating System	lenovo	thinkagile_hx5521_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx5521	-	No
Operating System	lenovo	thinkagile_hx5521-c_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx5521-c	-	No
Operating System	lenovo	thinkagile_hx7521_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx7521	-	No
Operating System	lenovo	thinkagile_hx5531_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx5531	-	No
Operating System	lenovo	thinkagile_hx7531_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx7531	-	No
Operating System	lenovo	thinkagile_hx650_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx650_v3	-	No
Operating System	lenovo	thinkagile_hx665_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx665_v3	-	No
Operating System	lenovo	thinkagile_hx7821_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_hx7821	-	No
Operating System	lenovo	thinkagile_vx3720_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3720	-	No
Operating System	lenovo	thinkagile_2u4n_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_2u4n	-	No
Operating System	lenovo	thinkagile_vx1320_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx1320	-	No
Operating System	lenovo	thinkagile_vx_1se_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx_1se	-	No
Operating System	lenovo	thinkagile_vx3320_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3320	-	No
Operating System	lenovo	thinkagile_vx2320_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx2320	-	No
Operating System	lenovo	thinkagile_vx7320-n_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7320-n	-	No
Operating System	lenovo	thinkagile_vx_1u_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx_1u	-	No
Operating System	lenovo	thinkagile_vx2330_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx2330	-	No
Operating System	lenovo	thinkagile_vx3330_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3330	-	No
Operating System	lenovo	thinkagile_vx7330-n_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7330-n	-	No
Operating System	lenovo	thinkagile_vx3331_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3331	-	No
Operating System	lenovo	thinkagile_vx630_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx630_v3	-	No
Operating System	lenovo	thinkagile_vx630_v4_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx630_v4	-	No
Operating System	lenovo	thinkagile_vx635_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx635_v3	-	No
Operating System	lenovo	thinkagile_vx2375_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx2375	-	No
Operating System	lenovo	thinkagile_vx3375_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3375	-	No
Operating System	lenovo	thinkagile_vx7375-n_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7375-n	-	No
Operating System	lenovo	thinkagile_vx3376_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3376	-	No
Operating System	lenovo	thinkagile_vx645_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx645_v3	-	No
Operating System	lenovo	thinkagile_vx5520_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx5520	-	No
Operating System	lenovo	thinkagile_vx7520_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7520	-	No
Operating System	lenovo	thinkagile_vx3520-g_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3520-g	-	No
Operating System	lenovo	thinkagile_vx5520_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx5520	-	No
Operating System	lenovo	thinkagile_vx_2u_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx_2u	-	No
Operating System	lenovo	thinkagile_vx3530-g_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3530-g	-	No
Operating System	lenovo	thinkagile_vx5530_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx5530	-	No
Operating System	lenovo	thinkagile_vx7530_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7530	-	No
Operating System	lenovo	thinkagile_vx7531_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7531	-	No
Operating System	lenovo	thinkagile_vx650_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx650_v3	-	No
Operating System	lenovo	thinkagile_vx650_v4_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx650_v4	-	No
Operating System	lenovo	thinkagile_vx655_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx655_v3	-	No
Operating System	lenovo	thinkagile_vx5575_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx5575	-	No
Operating System	lenovo	thinkagile_vx7575_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7575	-	No
Operating System	lenovo	thinkagile_vx3575-g_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx3575-g	-	No
Operating System	lenovo	thinkagile_vx665_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx665_v3	-	No
Operating System	lenovo	thinkagile_vx850_v3_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx850_v3	-	No
Operating System	lenovo	thinkagile_vx_4u_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx_4u	-	No
Operating System	lenovo	thinkagile_vx7820_firmware	< tesm40b-1.27	Yes
Hardware	lenovo	thinkagile_vx7820	-	No
Operating System	lenovo	thinksystem_d2_enclosure_firmware	< TESM40B-1.27	Yes
Hardware	lenovo	thinksystem_d2_enclosure	-	No
Operating System	lenovo	thinksystem_da240_firmware	< UMSM12I-1.1.3	Yes
Hardware	lenovo	thinksystem_da240	-	No
Operating System	lenovo	thinksystem_dw612_firmware	< UMSM12I-1.1.3	Yes
Hardware	lenovo	thinksystem_dw612	-	No

References

https://support.lenovo.com/us/en/product_security/LEN-140420 Vendor Advisory ([email protected])
https://support.lenovo.com/us/en/product_security/LEN-140420 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)