CVE-2019-6190
MEDIUMLenovo ThinkCentre and ThinkStation Firmware - Denial of Service via PCR Clearing on S3 Resume
Title source: llmDescription
Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://support.lenovo.com/us/en/product_security/LEN-28078
Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/176178
Scores
CVSS v3
5.0
EPSS
0.0028
EPSS Percentile
19.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-665
Status
published
Products (50)
lenovo/510-15ikl_firmware
< o2tkt61a
lenovo/510s-08ikl_firmware
< o2tkt61a
lenovo/a340-22_iwl_firmware
< o46kt31a
lenovo/a340-22ast_firmware
< o4ckt18a
lenovo/a340-22icb_firmware
< o44kt26a
lenovo/a340-24_iwl_firmware
< o46kt31a
lenovo/a340-24icb_firmware
< o44kt26a
lenovo/aio520-22iku_firmware
< o3dkt38a
lenovo/aio520-24arr_firmware
< o3zkt36a
lenovo/aio520-24iku_firmware
< o3dkt38a
... and 40 more
Published
Feb 14, 2020
Tracked Since
Feb 18, 2026