CVE-2019-6172

CVSS 6.4 · Medium EPSS 0.09% · P26 Updated Feb 23, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-6172

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Lenovo产品输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Lenovo 510-15IKL和Lenovo ThinkCentre都是中国联想（Lenovo）公司的一款台式电脑。多款Lenovo ThinkPad产品中的SMI调用函数存在输入验证错误漏洞。攻击者可利用该漏洞执行任意代码。以下产品及版本受到影响：Lenovo 510 15IKL；IdeaCentre 300-20ISH；IdeaCentre 510-15ICB；IdeaCentre 700；IdeaCentre 720 18-ICB等。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Lenovo	ThinkPad	Various ~ Various	-

II. Public POCs for CVE-2019-6172

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-6172

请登录查看更多情报信息。

https://support.lenovo.com/us/en/product_security/LEN-27714x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2019-6172

Same Patch Batch · Lenovo · 2019-11-12 · 3 CVEs total

CVE-2019-6170	6.4 MEDIUM	多款Lenovo产品输入验证错误漏洞
CVE-2019-6188		ThinkPad T460p and T470p BIOS Tamper Mechanism

IV. Related Vulnerabilities

Same product: ThinkPad

Same vendor: Lenovo

V. Comments for CVE-2019-6172

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-6172

I. Basic Information for CVE-2019-6172

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-6172

III. Intelligence Information for CVE-2019-6172

Same Patch Batch · Lenovo · 2019-11-12 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-6172

Leave a comment