Lenovo Flex System X240 M4 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Lenovo Flex System X240 M4 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-9068 — CVSS 7.5 (high): The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected…
CVE-2019-6157 — CVSS 6.5 (medium): In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes…
CVE-2018-9085 — CVSS 4.9 (medium): A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an…