CVE-2019-6156: In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of…

low3.3CVSS 3.0

AVLACLPRLUINSUCNILAN

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). Lenovo was notified that after resuming from S3 sleep mode in various versions of BIOS for Lenovo systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.

Affected

75 ranges· showing 25

Vendor	Product	Version range	Fixed in
lenovo	330-14igm_firmware	< 7xcn30ww	7xcn30ww
lenovo	330-15igm_firmware	< 7xcn30ww	7xcn30ww
lenovo	aio300-23isu_firmware	< o1lkt46a	o1lkt46a
lenovo	aio_910-27ish_firmware	< o37kt13a	o37kt13a
lenovo	bios	—	—
lenovo	ideacentre_510-15icb_firmware	< o3qkt32a	o3qkt32a
lenovo	ideacentre_510a-15icb_firmware	< o3qkt32a	o3qkt32a
lenovo	ideacentre_520s-23iku_firmware	< o34kt23a	o34kt23a
lenovo	ideacentre_700_firmware	< fwkt9aa	fwkt9aa
lenovo	ideacentre_720-18icb_firmware	< o3qkt32a	o3qkt32a
lenovo	ideacentre_730s-24ikb_firmware	< o3wkt15a	o3wkt15a
lenovo	legion_c530-19icb_firmware	< o3lkt20a	o3lkt20a
lenovo	legion_c730-19ico_firmware	< o3nkt20a	o3nkt20a
lenovo	legion_t530-28icb_firmware	< o3lkt20a	o3lkt20a
lenovo	legion_t730-28ico_firmware	< o3nkt20a	o3nkt20a
lenovo	thinkcentre_e93_firmware	< fbktd5a	fbktd5a
lenovo	thinkcentre_e95z_firmware	< m1lkt20a	m1lkt20a
lenovo	thinkcentre_e96z_firmware	< m26kt11a	m26kt11a
lenovo	thinkcentre_m610_firmware	< m1akt3fa	m1akt3fa
lenovo	thinkcentre_m6500s_firmware	< fbktd5a	fbktd5a
lenovo	thinkcentre_m6500t_firmware	< fbktd5a	fbktd5a
lenovo	thinkcentre_m6600_firmware	< fwkt9aa	fwkt9aa
lenovo	thinkcentre_m6600q_firmware	< fwkt9aa	fwkt9aa
lenovo	thinkcentre_m6600s_firmware	< fwkt9aa	fwkt9aa
lenovo	thinkcentre_m6600t_firmware	< fwkt9aa	fwkt9aa