Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Lenovo Group Ltd. — Vulnerabilities & Security Advisories 56

Browse all 56 CVE security advisories affecting Lenovo Group Ltd.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Lenovo Group Ltd. operates as a global technology manufacturer, primarily producing personal computers, servers, and mobile devices for enterprise and consumer markets. Security audits reveal 56 recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws within embedded firmware and management utilities. These vulnerabilities often stem from legacy codebases in BIOS/UEFI implementations and third-party components integrated into hardware management suites. Notable incidents include critical firmware vulnerabilities allowing unauthorized hardware control, though the company has generally responded with timely patches. The attack surface is largely concentrated in out-of-band management interfaces and pre-boot environments, reflecting the complexity of modern hardware-software integration. While no massive data breaches have been publicly attributed directly to Lenovo’s core infrastructure, the high volume of firmware-related CVEs highlights ongoing challenges in securing low-level system components against sophisticated threat actors targeting supply chain integrity.

Top products by Lenovo Group Ltd.: Service Framework application Service Bridge Lenovo xClarity Administrator Lenovo Vibe and Lenovo China-only Moto Mobile Phones XClarity Administrator Lenovo XClarity Administrator (LXCA) Some Lenovo Flex System and Lenovo System x products ThinkPad Active Protection System Lenovo ElanTech Touchpad driver Lenovo Fingerprint Manager Pro Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products Realtek Audio Driver Integrated Management Module 2 (IMM2) E95, ThinkCentre M710s/M710t IMM2 Lenovo and IBM Switch Products Help mobile Android app Various ThinkPad products some Lenovo ThinkPads Lenovo System Update Lenovo Help Android application System x IMM2 Lenovo Smart Assistant Active Protection System ThinkPad systems All ThinkPad, ThinkCentre, ThinkStation and Lenovo-branded systems preloaded with the Windows 10 operating system, or any system running Lenovo Companion, Lenovo Settings, or Lenovo ID. Lenovo Notebook models 110-14IBR/110-15IBR, B70-80, E31-80, E40-80, E41-80, E51-80, G40-80, G50-80, G50-80 Touch, Ideapad 300-14IBR/300-15IBR, Ideapad 300-14ISK/300-15ISK/300-17ISK, Ideapad 510S-12ISK, K21-80, K41-80, MIIX 710-12IKB , XiaoXin Air 12, YOGA 510-14ISK/510-15ISK, YOGA 710-11IKB, Yoga 710-11ISK, Yoga 900-13ISK, YOGA 900S-12ISK; ThinkServer models ThinkServer TS150, ThinkServer TS450 Edge and Slim USB Keyboard Driver System X M5, M6, and X6 BIOS Transition application
CVE IDTitleCVSSSeverityPublished
CVE-2018-16098 多款Lenovo产品Synaptics Pointing Device驱动程序代码问题漏洞 — Various ThinkPad products 7.8 -2019-01-24
CVE-2018-9066 Lenovo XClarity Administrator 安全漏洞 — Lenovo xClarity Administrator 7.5 -2018-07-30
CVE-2018-9065 Lenovo XClarity Administrator 安全漏洞 — Lenovo xClarity Administrator 7.2 -2018-07-30
CVE-2018-9064 Lenovo XClarity Administrator 安全漏洞 — Lenovo xClarity Administrator 8.8 -2018-07-30
CVE-2018-9068 Lenovo System x和IBM System x 安全漏洞 — System x IMM2 7.5 -2018-07-26
CVE-2018-9062 BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack — some Lenovo ThinkPads 6.8 -2018-07-19
CVE-2018-9070 Lenovo Smart Assistant Android app 安全漏洞 — Lenovo Smart Assistant 6.8 -2018-07-13
CVE-2018-9067 Lenovo Help Android app 安全漏洞 — Lenovo Help Android application 7.5 -2018-07-13
CVE-2017-3775 多款Lenovo产品安全漏洞 — Some Lenovo Flex System and Lenovo System x products 6.4 -2018-05-04
CVE-2018-9063 Lenovo System Update 缓冲区错误漏洞 — Lenovo System Update 7.8 -2018-05-04
CVE-2017-3776 Lenovo Help Android mobile应用程序安全漏洞 — Help mobile Android app 7.5 -2018-04-19
CVE-2017-3774 多款Lenovo和IBM产品Integrated Management Module II 缓冲区错误漏洞 — IMM2 9.8 -2018-04-19
CVE-2017-3768 Lenovo System x系列和IBM System x系列安全漏洞 — Integrated Management Module 2 (IMM2) 7.5 -2018-01-26
CVE-2017-3762 多款Lenovo产品Fingerprint Manager Pro 安全漏洞 — Lenovo Fingerprint Manager Pro 7.1 -2018-01-26
CVE-2017-3765 Lenovo、IBM RackSwitch和BladeCenter交换机Enterprise Networking Operating System 安全漏洞 — Enterprise Network Operating System affecting Lenovo and IBM RackSwitch and BladeCenter Products 7.8 -2018-01-10
CVE-2017-3764 Lenovo XClarity Administrator 安全漏洞 — xClarity Administrator 5.3 -2017-11-30
CVE-2017-3767 多款Lenovo ThinkPad产品Realtek音频驱动程序权限许可和访问控制问题漏洞 — Realtek Audio Driver 7.8 -2017-11-13
CVE-2017-3771 Lenovo E95和ThinkCentre M710s/M710t 安全漏洞 — E95, ThinkCentre M710s/M710t 7.5 -2017-10-26
CVE-2017-3758 Lenovo Service Framework应用程序Android组件访问控制错误漏洞 — Service Framework application 8.4 -2017-10-17
CVE-2017-3759 Lenovo Service Framework Android应用程序安全漏洞 — Service Framework application 8.1 -2017-10-17
CVE-2017-3760 Lenovo Service Framework Android应用程序安全漏洞 — Service Framework application 8.1 -2017-10-17
CVE-2017-3761 Lenovo Service Framework Android应用程序安全漏洞 — Service Framework application 9.8 -2017-10-17
CVE-2017-3770 Lenovo LXCA 权限许可和访问控制问题漏洞 — Lenovo XClarity Administrator (LXCA) 8.8 -2017-09-22
CVE-2017-3763 Lenovo LXCA 安全漏洞 — Lenovo XClarity Administrator (LXCA) 5.7 -2017-09-22
CVE-2017-3746 Lenovo ThinkPad USB 3.0 Ethernet Adapter驱动程序权限许可和访问控制问题漏洞 — ThinkPad USB 3.0 Ethernet Adapter Driver 7.8 -2017-08-28
CVE-2017-3757 多款Lenovo产品ElanTech Touchpad驱动程序安全漏洞 — Lenovo ElanTech Touchpad driver 7.8 -2017-08-28
CVE-2017-3756 Lenovo ThinkPad for Windows Active Protection System 权限许可和访问控制问题漏洞 — ThinkPad Active Protection System 7.8 -2017-08-18
CVE-2017-3753 多款Lenovo产品BIOS SMI Handler 安全漏洞 — Desktop and Notebook BIOS 8.4 -2017-08-10
CVE-2017-3751 ThinkPad Compact USB Keyboard with TrackPoint Driver 权限许可和访问控制漏洞 — ThinkPad Compact USB Keyboard with TrackPoint Driver 7.8 -2017-08-10
CVE-2017-3752 多款Lenovo和IBM Networking Switches 安全漏洞 — Lenovo and IBM Switch Products 9.3 -2017-08-09

This page lists every published CVE security advisory associated with Lenovo Group Ltd.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.