Products

Solutions

Company

Book A Live Demo

CVE-2019-6190 : What You Need to Know

Learn about CVE-2019-6190, a Lenovo BIOS vulnerability impacting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation. Find out the impact, technical details, and mitigation steps.

Lenovo has been informed about a potential denial of service vulnerability affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation. The vulnerability could lead to intermittent clearing of PCR values after resuming from sleep mode (S3) on systems with Intel TXT enabled.

Understanding CVE-2019-6190

This CVE involves a vulnerability in Lenovo BIOS that could result in a denial of service condition.

What is CVE-2019-6190?

CVE-2019-6190 is a vulnerability in Lenovo BIOS that impacts different versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation. The issue arises after resuming from sleep mode (S3) on systems with Intel TXT enabled, potentially causing intermittent clearing of PCR values.

The Impact of CVE-2019-6190

The vulnerability has a CVSS base score of 5, with a medium severity rating. It has a low attack complexity and requires local access. The impact is high on availability, with no impact on confidentiality or integrity. User interaction is required for exploitation.

Technical Details of CVE-2019-6190

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability in Lenovo BIOS could lead to intermittent clearing of PCR values after resuming from sleep mode (S3) on systems with Intel TXT enabled.

Affected Systems and Versions

Product: BIOS

Vendor: Lenovo

Affected Versions: Various

Exploitation Mechanism

The vulnerability can be exploited by resuming from sleep mode (S3) on systems with Intel TXT enabled, causing intermittent clearing of PCR values.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the exploitation of this vulnerability.

Immediate Steps to Take

Update system firmware to the version indicated for your model in the Product Impact section of LEN-28078.

Long-Term Security Practices

Regularly check for firmware updates and apply them promptly.

Implement security best practices to protect BIOS and system integrity.

Patching and Updates

Stay informed about security advisories from Lenovo and apply patches and updates as soon as they are available.

CVE-2019-6190 : What You Need to Know

Understanding CVE-2019-6190

What is CVE-2019-6190?

The Impact of CVE-2019-6190

Technical Details of CVE-2019-6190

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2019-6190 : What You Need to Know

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2019-6190

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2019-6190?

The Impact of CVE-2019-6190

Technical Details of CVE-2019-6190

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2019-6190

What is CVE-2019-6190?

Is your System Free of Underlying Vulnerabilities?
Find Out Now