high
7.8
CWE
428
Advisory Published
Updated

CVE-2018-16098

First published: Thu Jan 10 2019(Updated: )

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo Synaptics Thinkpad Ultranav Driver=18.0.7.119
Microsoft Windows 7
Microsoft Windows 8.1
Lenovo Synaptics Thinkpad Ultranav Driver=19.5.19.33
Microsoft Windows 10
Lenovo Synaptics Thinkpad Ultranav Driver=19.0.17.140
Microsoft Windows 8.1
Lenovo Synaptics Thinkpad Ultranav Driver=19.3.4.219
Lenovo Synaptics Thinkpad Ultranav Driver=16.2.19.23
Lenovo Synaptics Thinkpad Ultranav Driver=18.1.27.42
Lenovo Thinkpad Helix Firmware
Lenovo Thinkpad Helix
Lenovo Thiankpad L430 Firmware
Lenovo Thiankpad L430
Lenovo Thiankpad L530 Firmware
Lenovo Thiankpad L530
Lenovo Thiankpad P1 Firmware
Lenovo Thiankpad P1
Lenovo Thiankpad X1 Extreme Firmware
Lenovo Thiankpad X1 Extreme
Lenovo Thiankpad P50s Firmware
Lenovo Thiankpad P50s
Lenovo Thiankpad P51 Firmware
Lenovo Thiankpad P51
Lenovo Thiankpad P51s Firmware
Lenovo Thiankpad P51s
Lenovo Thiankpad P52s Firmware
Lenovo Thiankpad P52s
Lenovo Thiankpad P70 Firmware
Lenovo Thiankpad P70
Lenovo Thiankpad S1 Yoga Firmware
Lenovo Thiankpad S1 Yoga
Lenovo Thiankpad S430 Firmware
Lenovo Thiankpad S430
Lenovo Thiankpad T420 Firmware
Lenovo Thiankpad T420
Lenovo Thiankpad T420i Firmware
Lenovo Thiankpad T420i
Lenovo Thinkpad T420s Firmware
Lenovo Thinkpad T420s
Lenovo Thinkpad T420si Firmware
Lenovo Thinkpad T420si
Lenovo Thinkpad T430s Firmware
Lenovo Thinkpad T430s
Lenovo Thinkpad T430i Firmware
Lenovo Thinkpad T430i
Lenovo Thinkpad T431s Firmware
Lenovo Thinkpad T431s
Lenovo Thinkpad T440 Firmware
Lenovo Thinkpad T440
Lenovo Thinkpad T440s Firmware
Lenovo Thinkpad T440s
Lenovo Thinkpad T440p Firmware
Lenovo Thinkpad T440p
Lenovo Thinkpad T460s Firmware
Lenovo Thinkpad T460s
Lenovo Thinkpad T470 Firmware
Lenovo Thinkpad T470
Lenovo Thinkpad T470s Firmware
Lenovo Thinkpad T470s
Lenovo Thinkpad T520 Firmware
Lenovo Thinkpad T520
Lenovo Thinkpad T520i Firmware
Lenovo Thinkpad T520i
Lenovo Thinkpad T530 Firmware
Lenovo Thinkpad T530
Lenovo Thinkpad T530i Firmware
Lenovo Thinkpad T530i
Lenovo Thinkpad T540 Firmware
Lenovo Thinkpad T540
Lenovo Thinkpad T540p Firmware
Lenovo Thinkpad T540p
Lenovo Thinkpad T550 Firmware
Lenovo Thinkpad T550
Lenovo Thinkpad T560 Firmware
Lenovo Thinkpad T560
Lenovo Thinkpad T570 Firmware
Lenovo Thinkpad T570
Lenovo Thinkpad T580 Firmware
Lenovo Thinkpad T580
Lenovo Thinkpad Twist Firmware
Lenovo Thinkpad Twist
Lenovo Thinkpad S230u Firmware
Lenovo Thinkpad S230u
Lenovo Thinkpad W530 Firmware
Lenovo Thinkpad W530
Lenovo Thinkpad W540 Firmware
Lenovo Thinkpad W540
Lenovo Thinkpad W541 Firmware
Lenovo Thinkpad W541
Lenovo Thinkpad W550s Firmware
Lenovo Thinkpad W550s
Lenovo Thinkpad X1 Carbon Firmware
Lenovo ThinkPad X1 Carbon
Lenovo Thinkpad X1 Yoga Firmware
Lenovo Thinkpad X1 Yoga
Lenovo Thinkpad X1 Firmware
Lenovo Thinkpad X1
Lenovo Thinkpad X1 Hybrid Firmware
Lenovo Thinkpad X1 Hybrid
Lenovo Thinkpad X220 Firmware
Lenovo Thinkpad X220
Lenovo Thinkpad X220i Firmware
Lenovo Thinkpad X220i
Lenovo Thinkpad X220 Tablet Firmware
Lenovo Thinkpad X220 Tablet
Lenovo Thinkpad X230 Firmware
Lenovo Thinkpad X230
Lenovo Thinkpad X230i Firmware
Lenovo Thinkpad X230i
Lenovo Thinkpad X230 Tablet Firmware
Lenovo Thinkpad X230 Tablet
Lenovo Thinkpad X230i Tablet Firmware
Lenovo Thinkpad X230i Tablet
Lenovo Thinkpad X230s Firmware
Lenovo Thinkpad X230s
Lenovo Thinkpad X240s Firmware
Lenovo Thinkpad X240s
Lenovo Thinkpad X240 Firmware
Lenovo Thinkpad X240
Lenovo Thinkpad X250 Firmware
Lenovo Thinkpad X250
Lenovo Thinkpad X280 Firmware
Lenovo Thinkpad X280
Lenovo Thinkpad Yoga 11e Firmware
Lenovo Thinkpad Yoga 11e

Remedy

https://support.lenovo.com/bg/en/product_security/len-24573

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203