First published: Fri Nov 16 2018 (Updated: )
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo Thinkserver Rd340 Firmware | <64.00 | Update BMC firmware |
| Lenovo Thinkserver Rd340 | | |
| Lenovo Thinkserver Rd440 Firmware | <64.00 | Update BMC firmware |
| Lenovo Thinkserver Rd440 | | |
| Lenovo Thinkserver Rd640 Firmware | <64.00 | Update BMC firmware |
| Lenovo Thinkserver Rd640 | | |
| Lenovo Thinkserver Td340 Firmware | <60.00 | Update BMC firmware |
| Lenovo Thinkserver Td340 | | |
The severity of CVE-2018-9086 is high with a severity value of 7.2.
The command injection vulnerability in CVE-2018-9086 lies in the BMC firmware download command and allows a privileged user to download and execute arbitrary code inside the BMC.
Only authorized privileged users can exploit the command injection vulnerability in CVE-2018-9086.
Lenovo ThinkServer RD340, RD440, RD640, and TD340 firmware versions earlier than 64.00 are affected by CVE-2018-9086.
To fix the command injection vulnerability in CVE-2018-9086, update the BMC firmware to a version that is not vulnerable.