What is the severity of CVE-2018-16098?

CVE-2018-16098 is considered to have a low severity rating, allowing unauthorized code execution as a low privilege user.

How do I fix CVE-2018-16098?

To mitigate CVE-2018-16098, users should update to the latest version of the Lenovo Synaptics ThinkPad Ultranav Driver.

Which devices are affected by CVE-2018-16098?

CVE-2018-16098 affects specific versions of the Synaptics Pointing Device driver found in various Lenovo ThinkPad models.

What could happen if CVE-2018-16098 is exploited?

If exploited, CVE-2018-16098 could allow an attacker to execute unauthorized code with low privileges on a vulnerable Lenovo device.

Is CVE-2018-16098 specific to Lenovo products?

Yes, CVE-2018-16098 specifically affects Lenovo ThinkPads that utilize the vulnerable versions of the Synaptics Pointing Device driver.

Vulnerability/
CVE-2018-16098

high

7.8

CWE

428

10/1/2019

5/8/2024

CVE-2018-16098

First published: Thu Jan 10 2019(Updated: )

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user.

Credit: psirt@lenovo.com

Affected Software	Affected Version	How to fix
Lenovo Synaptics ThinkPad Ultranav Driver	=18.0.7.119
Microsoft Windows 7
Microsoft Windows
Lenovo Synaptics ThinkPad Ultranav Driver	=19.5.19.33
Windows 10
Lenovo Synaptics ThinkPad Ultranav Driver	=19.0.17.140
Microsoft Windows
Lenovo Synaptics ThinkPad Ultranav Driver	=19.3.4.219
Lenovo Synaptics ThinkPad Ultranav Driver	=16.2.19.23
Lenovo Synaptics ThinkPad Ultranav Driver	=18.1.27.42
Lenovo ThinkPad Helix firmware
Lenovo ThinkPad Helix firmware
Lenovo ThinkPad L430 Firmware
Lenovo ThinkPad L430
Lenovo ThinkPad L530 Firmware
Lenovo ThinkPad L530
Lenovo ThinkPad P1 Firmware
Lenovo ThinkPad P1 Firmware
Lenovo ThinkPad X1 Extreme Firmware
Lenovo ThinkPad X1 Extreme
Lenovo ThinkPad P50s Firmware
Lenovo ThinkPad P50s Firmware
Lenovo ThinkPad P51 Firmware
Lenovo ThinkPad P51
Lenovo ThinkPad P51s Firmware
Lenovo ThinkPad P51s Firmware
Lenovo ThinkPad P52s Firmware
Lenovo ThinkPad P52s Firmware
Lenovo ThinkPad P70 Firmware
Lenovo ThinkPad P70
Lenovo ThinkPad S1 Yoga Firmware
Lenovo ThinkPad S1 Yoga
Lenovo ThinkPad S430 Firmware
Lenovo ThinkPad S430
Lenovo ThinkPad T420i Firmware
Lenovo ThinkPad T420i
Lenovo ThinkPad T420i Firmware
Lenovo ThinkPad T420i
Lenovo ThinkPad T420s Firmware
Lenovo ThinkPad T420
Lenovo ThinkPad T420si Firmware
Lenovo ThinkPad T420si Firmware
Lenovo ThinkPad T430s Firmware
Lenovo ThinkPad T430s Firmware
Lenovo ThinkPad T430i Firmware
Lenovo ThinkPad T430i Firmware
Lenovo ThinkPad T431s Firmware
Lenovo ThinkPad T431s Firmware
Lenovo ThinkPad T440 Firmware
Lenovo ThinkPad T440
Lenovo ThinkPad T440s Firmware
Lenovo ThinkPad T440s Firmware
Lenovo ThinkPad T440p Firmware
Lenovo ThinkPad T440p Firmware
Lenovo ThinkPad T460s Firmware
Lenovo ThinkPad T460s Firmware
Lenovo ThinkPad T470 Firmware
Lenovo ThinkPad T470 (20JX) Firmware
Lenovo ThinkPad T470s Firmware
Lenovo ThinkPad T470
Lenovo ThinkPad T520 Firmware
Lenovo ThinkPad T520 Firmware
Lenovo ThinkPad T520i Firmware
Lenovo ThinkPad T520i firmware
ThinkPad T530i Firmware
Lenovo ThinkPad T530i
ThinkPad T530i Firmware
ThinkPad T530i Firmware
Lenovo ThinkPad T540p Firmware
Lenovo ThinkPad T540p Firmware
Lenovo ThinkPad T540p Firmware
Lenovo ThinkPad T540p Firmware
Lenovo ThinkPad T550 Firmware
Lenovo ThinkPad T550
Lenovo ThinkPad T560 Firmware
Lenovo ThinkPad T560 Firmware
Lenovo ThinkPad T570 Firmware
Lenovo ThinkPad T570 (20HX) Firmware
Lenovo ThinkPad T580 Firmware
Lenovo ThinkPad T580
Lenovo ThinkPad Twist Firmware
Lenovo ThinkPad Twist Firmware
Lenovo ThinkPad S230u Firmware
Lenovo ThinkPad S230u Firmware
Lenovo ThinkPad W530 Firmware
Lenovo ThinkPad W530 Firmware
Lenovo ThinkPad W540
Lenovo ThinkPad W540 Firmware
Lenovo ThinkPad W541 Firmware
Lenovo ThinkPad W541 Firmware
Lenovo ThinkPad W550s firmware
Lenovo ThinkPad W550s firmware
Lenovo ThinkPad X1 Carbon Firmware
Lenovo ThinkPad X1 Carbon
Lenovo ThinkPad X1 Yoga (20SX) Firmware
Lenovo ThinkPad X1 Yoga
Lenovo X1 Firmware
Lenovo ThinkPad x1 hybrid firmware
Lenovo ThinkPad X1 Hybrid Firmware
Lenovo ThinkPad x1 hybrid firmware
Lenovo ThinkPad X220 firmware
Lenovo ThinkPad x220 firmware
Lenovo ThinkPad x220 firmware
Lenovo ThinkPad x220 firmware
Lenovo ThinkPad X220 Tablet Firmware
Lenovo ThinkPad x220 tablet firmware
Lenovo ThinkPad x230s firmware
Lenovo ThinkPad X230
Lenovo ThinkPad x230i tablet firmware
Lenovo ThinkPad x230
Lenovo ThinkPad X230i Tablet Firmware
Lenovo ThinkPad X230 Tablet
Lenovo ThinkPad X230i Tablet Firmware
Lenovo ThinkPad X230 Tablet
Lenovo ThinkPad x230s firmware
Lenovo ThinkPad x230s firmware
Lenovo ThinkPad x240s firmware
Lenovo ThinkPad x240s BIOS
Lenovo ThinkPad x240 firmware
Lenovo ThinkPad x240 firmware
Lenovo ThinkPad x250 firmware
Lenovo ThinkPad x250 firmware
Lenovo ThinkPad X280 Firmware
Lenovo ThinkPad X280 Firmware
Lenovo ThinkPad Yoga 11e (20dx) Firmware
Lenovo ThinkPad 11e YOGA

Remedy

https://support.lenovo.com/bg/en/product_security/len-24573

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-16098?
CVE-2018-16098 is considered to have a low severity rating, allowing unauthorized code execution as a low privilege user.
How do I fix CVE-2018-16098?
To mitigate CVE-2018-16098, users should update to the latest version of the Lenovo Synaptics ThinkPad Ultranav Driver.
Which devices are affected by CVE-2018-16098?
CVE-2018-16098 affects specific versions of the Synaptics Pointing Device driver found in various Lenovo ThinkPad models.
What could happen if CVE-2018-16098 is exploited?
If exploited, CVE-2018-16098 could allow an attacker to execute unauthorized code with low privileges on a vulnerable Lenovo device.
Is CVE-2018-16098 specific to Lenovo products?
Yes, CVE-2018-16098 specifically affects Lenovo ThinkPads that utilize the vulnerable versions of the Synaptics Pointing Device driver.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/remedy
agent/first-publish-date
agent/description
agent/author
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/lenovo
canonical/lenovo synaptics thinkpad ultranav driver
version/lenovo synaptics thinkpad ultranav driver/18.0.7.119
vendor/microsoft
canonical/microsoft windows 7
canonical/microsoft windows
version/lenovo synaptics thinkpad ultranav driver/19.5.19.33
canonical/windows 10
version/lenovo synaptics thinkpad ultranav driver/19.0.17.140
version/lenovo synaptics thinkpad ultranav driver/19.3.4.219
version/lenovo synaptics thinkpad ultranav driver/16.2.19.23
version/lenovo synaptics thinkpad ultranav driver/18.1.27.42
canonical/lenovo thinkpad helix firmware
canonical/lenovo thinkpad l430 firmware
canonical/lenovo thinkpad l430
canonical/lenovo thinkpad l530 firmware
canonical/lenovo thinkpad l530
canonical/lenovo thinkpad p1 firmware
canonical/lenovo thinkpad x1 extreme firmware
canonical/lenovo thinkpad x1 extreme
canonical/lenovo thinkpad p50s firmware
canonical/lenovo thinkpad p51 firmware
canonical/lenovo thinkpad p51
canonical/lenovo thinkpad p51s firmware
canonical/lenovo thinkpad p52s firmware
canonical/lenovo thinkpad p70 firmware
canonical/lenovo thinkpad p70
canonical/lenovo thinkpad s1 yoga firmware
canonical/lenovo thinkpad s1 yoga
canonical/lenovo thinkpad s430 firmware
canonical/lenovo thinkpad s430
canonical/lenovo thinkpad t420i firmware
canonical/lenovo thinkpad t420i
canonical/lenovo thinkpad t420s firmware
canonical/lenovo thinkpad t420
canonical/lenovo thinkpad t420si firmware
canonical/lenovo thinkpad t430s firmware
canonical/lenovo thinkpad t430i firmware
canonical/lenovo thinkpad t431s firmware
canonical/lenovo thinkpad t440 firmware
canonical/lenovo thinkpad t440
canonical/lenovo thinkpad t440s firmware
canonical/lenovo thinkpad t440p firmware
canonical/lenovo thinkpad t460s firmware
canonical/lenovo thinkpad t470 firmware
canonical/lenovo thinkpad t470 (20jx) firmware
canonical/lenovo thinkpad t470s firmware
canonical/lenovo thinkpad t470
canonical/lenovo thinkpad t520 firmware
canonical/lenovo thinkpad t520i firmware
canonical/thinkpad t530i firmware
canonical/lenovo thinkpad t530i
canonical/lenovo thinkpad t540p firmware
canonical/lenovo thinkpad t550 firmware
canonical/lenovo thinkpad t550
canonical/lenovo thinkpad t560 firmware
canonical/lenovo thinkpad t570 firmware
canonical/lenovo thinkpad t570 (20hx) firmware
canonical/lenovo thinkpad t580 firmware
canonical/lenovo thinkpad t580
canonical/lenovo thinkpad twist firmware
canonical/lenovo thinkpad s230u firmware
canonical/lenovo thinkpad w530 firmware
canonical/lenovo thinkpad w540
canonical/lenovo thinkpad w540 firmware
canonical/lenovo thinkpad w541 firmware
canonical/lenovo thinkpad w550s firmware
canonical/lenovo thinkpad x1 carbon firmware
canonical/lenovo thinkpad x1 carbon
canonical/lenovo thinkpad x1 yoga (20sx) firmware
canonical/lenovo thinkpad x1 yoga
canonical/lenovo x1 firmware
canonical/lenovo thinkpad x1 hybrid firmware
canonical/lenovo thinkpad x220 firmware
canonical/lenovo thinkpad x220 tablet firmware
canonical/lenovo thinkpad x230s firmware
canonical/lenovo thinkpad x230
canonical/lenovo thinkpad x230i tablet firmware
canonical/lenovo thinkpad x230 tablet
canonical/lenovo thinkpad x240s firmware
canonical/lenovo thinkpad x240s bios
canonical/lenovo thinkpad x240 firmware
canonical/lenovo thinkpad x250 firmware
canonical/lenovo thinkpad x280 firmware
canonical/lenovo thinkpad yoga 11e (20dx) firmware
canonical/lenovo thinkpad 11e yoga