In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could…

In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure…

In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with…

In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This…

In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could…

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute…

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical…

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute…

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute…

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was…