CVE-2024-38509

EUVD-2024-37381
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
lenovothinkagile_hx5530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx_enclosure_certified_node_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx1021_edg_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx1320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx1321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1520-r_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1521-r_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2320-e_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx2331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx2720-e_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx3320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx3331
𝑥
< 4.71
ADP
lenovothinkagile_hx3375_firmware
𝑥
< 5.61
ADP
lenovothinkagile_hx3376_firmware
𝑥
< 5.61
ADP
lenovothinkagile_hx3520-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3521-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3720_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx3721_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx5520-c_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx5521-c_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx5531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7521_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7521_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7820_firmware
𝑥
< 3.11
ADP
lenovothinkagile_hx7821_firmware
𝑥
< 3.11
ADP
lenovothinkagile_mx1020_firmware
𝑥
< 4.11
ADP
lenovothinkagile_mx3330-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3330-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3331-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3331-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3530_f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3530-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3531-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx1320_firmware
𝑥
< 4.11
ADP
lenovothinkagile_vx2320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx2330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx3330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3520-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx3530-g_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3720_firmware
𝑥
< 4.11
ADP
lenovothinkagile_vx5520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx5530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7320_n_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7520_n_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7820_firmware
𝑥
< 3.11
ADP
lenovothinkstation_p920_workstation_firmware
𝑥
< 9.97
ADP
lenovothinksystem_st250_firmware
𝑥
< 1.12
ADP
lenovothinksystem_sd530_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd630_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_dual_node_tray_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_dual_node_tray_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sd650-n_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_v3_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd665_v3_firmware
𝑥
< 5.11
ADP
lenovothinksystem_se350_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn550_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn550_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sn550_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn850_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn850_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr150_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr158_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr250_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr250_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr258_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr258_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr530_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr550_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr570_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr590_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr630_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr630_v2_firmware
𝑥
< 4.71
ADP
lenovothinksystem_sr630_v3_firmware
𝑥
< 4.51
ADP
lenovothinksystem_sr635_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr645_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr645_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr650_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr650_v2_firmware
𝑥
< 4.71
ADP
lenovothinksystem_sr655_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr665_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr665_v3_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr665_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr670_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr670_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr670_v2_firmware
𝑥
< 5.11
ADP
lenovothinksystem_sr675_v3_firmware
𝑥
< 5.11
ADP
lenovothinksystem_sr850_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr850_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr850_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr850_v3_firmware
𝑥
< 1.20
ADP
lenovothinksystem_sr850p_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr860_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr860_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr860_v3_firmware
𝑥
< 1.20
ADP
lenovothinksystem_sr950_firmware
𝑥
< 3.11
ADP
lenovothinksystem_st250_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st250_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st258_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st258_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st550_firmware
𝑥
< 9.97
ADP
lenovothinksystem_st650_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st650_v3_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st658_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st658_v3_firmware
𝑥
< 4.11
ADP
Common Weakness Enumeration
References
https://support.lenovo.com/us/en/product_security/LEN-156781
https://support.lenovo.com/us/en/product_security/LEN-156781