CVE-2024-38510

EUVD-2024-37382
A privilege escalation vulnerability was discovered in the SSH captive command shell interface that could allow an authenticated XCC user with elevated privileges to perform command injection via specially crafted file uploads.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
lenovothinkagile_hx5530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx_enclosure_certified_node_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx1021_edg_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx1320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx1321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1520-r_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx1521-r_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2320-e_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx2330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx2331_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx2720-e_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx3320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3321_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx3331
𝑥
< 4.71
ADP
lenovothinkagile_hx3375_firmware
𝑥
< 5.61
ADP
lenovothinkagile_hx3376_firmware
𝑥
< 5.61
ADP
lenovothinkagile_hx3520-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3521-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx3720_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx3721_firmware
𝑥
< 4.11
ADP
lenovothinkagile_hx5520-c_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx5521-c_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx5531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7521_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7521_firmware
𝑥
< 9.97
ADP
lenovothinkagile_hx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_hx7820_firmware
𝑥
< 3.11
ADP
lenovothinkagile_hx7821_firmware
𝑥
< 3.11
ADP
lenovothinkagile_mx1020_firmware
𝑥
< 4.11
ADP
lenovothinkagile_mx3330-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3330-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3331-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3331-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3530_f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3530-h_firmware
𝑥
< 4.71
ADP
lenovothinkagile_mx3531-f_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx1320_firmware
𝑥
< 4.11
ADP
lenovothinkagile_vx2320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx2330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3320_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx3330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3520-g_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx3530-g_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx3720_firmware
𝑥
< 4.11
ADP
lenovothinkagile_vx5520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx5530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7320_n_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7330_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7520_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7520_n_firmware
𝑥
< 9.97
ADP
lenovothinkagile_vx7530_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7531_firmware
𝑥
< 4.71
ADP
lenovothinkagile_vx7820_firmware
𝑥
< 3.11
ADP
lenovothinkstation_p920_workstation_firmware
𝑥
< 9.97
ADP
lenovothinksystem_st250_firmware
𝑥
< 1.12
ADP
lenovothinksystem_sd530_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd630_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_dual_node_tray_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_dual_node_tray_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sd650-n_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd650_v3_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sd665_v3_firmware
𝑥
< 5.11
ADP
lenovothinksystem_se350_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn550_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn550_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sn550_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn850_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sn850_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr150_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr158_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr250_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr250_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr258_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr258_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr530_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr550_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr570_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr590_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr630_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr630_v2_firmware
𝑥
< 4.71
ADP
lenovothinksystem_sr630_v3_firmware
𝑥
< 4.51
ADP
lenovothinksystem_sr635_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr645_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr645_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr650_firmware
𝑥
< 9.97
ADP
lenovothinksystem_sr650_v2_firmware
𝑥
< 4.71
ADP
lenovothinksystem_sr655_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr665_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr665_v3_firmware
𝑥
< 5.61
ADP
lenovothinksystem_sr665_v3_firmware
𝑥
< 2.81
ADP
lenovothinksystem_sr670_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr670_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr670_v2_firmware
𝑥
< 5.11
ADP
lenovothinksystem_sr675_v3_firmware
𝑥
< 5.11
ADP
lenovothinksystem_sr850_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr850_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr850_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr850_v3_firmware
𝑥
< 1.20
ADP
lenovothinksystem_sr850p_firmware
𝑥
< 6.36
ADP
lenovothinksystem_sr860_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr860_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_sr860_v3_firmware
𝑥
< 1.20
ADP
lenovothinksystem_sr950_firmware
𝑥
< 3.11
ADP
lenovothinksystem_st250_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st250_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st258_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st258_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st550_firmware
𝑥
< 9.97
ADP
lenovothinksystem_st650_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st650_v3_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st658_v2_firmware
𝑥
< 4.11
ADP
lenovothinksystem_st658_v3_firmware
𝑥
< 4.11
ADP
Common Weakness Enumeration
References
https://support.lenovo.com/us/en/product_security/LEN-156781
https://support.lenovo.com/us/en/product_security/LEN-156781