Home

Feb 24, 2018

Lenovo has released patches to fix critical Wi-Fi vulnerabilities

authorarticle: 
LenovoLogo-POS-Red.png
video: 
youtube: 
sources: support.lenovo.com
keywords: Lenovo, Safety, security holes, patch, wifi, vulnerabilities
Category: IT
Posted by: Admin

Lenovo informed customers on Friday that two critical Broadcom vulnerabilities (Identified as CVE-2017-11120 and CVE-2017-11121) affect 25 models of its common ThinkPad brand.

The two vulnerabilities were discovered by security researchers from Google Project Zero and first revealed in September 2017, they were only reported to affect specific Broadcom chipsets applied in Apple iPhones, Apple TV and Android devices.

Lenovo informed customers on Friday that two critical Broadcom vulnerabilities (Identified as CVE-2017-11120 and CVE-2017-11121) affect 25 models of its common ThinkPad brand.

The two vulnerabilities were discovered by security researchers from Google Project Zero and first revealed in September 2017, they were only reported to affect specific Broadcom chipsets applied in Apple iPhones, Apple TV and Android devices.

The researcher of Google Project Zero demonstrated that an attacker inside Wi-Fi range could exploit CVE-2017-11120, an out-of-bounds write issue, to perform arbitrary code execution on an affected device.

According to the researcher:
“Upon successful execution of the exploit, a backdoor is inserted into the firmware, allowing remote read/write commands to be issued to the firmware via crafted action frames (thus allowing easy remote control over the Wi-Fi chip),”

The CVE-2017-11121 bug, which is a buffer overflow vulnerability caused by improper validation of Wi-Fi signals. This could lead to remote code execution as well.

Lenovo said last week:
“Broadcom has issued an advisory for certain Broadcom WiFi controllers used by many computer and device makers, which contain buffer overflow vulnerabilities on the adapter (not the system CPU)”

ThinkPad clients are recommended by Lenovo to update their Wi-Fi driver to the latest version.

Source: support.lenovo.com

authorarticle: 
LenovoLogo-POS-Red.png
video: 
youtube: 
sources: support.lenovo.com
keywords: Lenovo, Safety, security holes, patch, wifi, vulnerabilities

Comments:

comments powered by Disqus

Return

Sponsored Ads:

Discord

Page 1 of 537  >  >>

First in the world with external 8TB SSD, but for a price!

1.png

Jul 2, 2020 | Category: IT | Comments

Samsung has launched a new internal SSD.

read more…

Will Google launch new Glass? Has traded AR glasses company

google.jpg

Jul 1, 2020 | Category: Google | Comments

Or does Google root it again?

Google has traded AR glasses company North.

read more…

Microsoft Teams now prevents Students from joining meetings unattended

teams.jpg

Jun 30, 2020 | Category: Microsoft | Comments

Microsoft has announced the general availability of one of the most requested features for Teams for Education that will prevent students from joining a meeting unattended in the absence of the educator. This feature will also prevent students from chatting when a teacher is not present in the meeting.

read more…

Page 1 of 537  >  >>