Unsigned DLL Loading Vulnerability in Lenovo System Interface Foundation
CVE-2019-6189

7.8HIGH

Key Information:

Vendor: Lenovo
Status: Lenovo System Interface Foundation
Vendor: CVE Published:; 19 November 2019

What is CVE-2019-6189?

A vulnerability exists in the Lenovo System Interface Foundation that allows an administrative user to load unsigned dynamic link libraries (DLLs). If successfully exploited, this flaw could pose significant risk to the integrity of the system, as it opens avenues for unauthorized execution of potentially harmful code. Users are encouraged to update to version 1.1.18.3 or later to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Lenovo System Interface Foundation <= 1.1.18.3

References

https://support.lenovo.com/solutions/LEN-29198

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 19, 2019
Vulnerability Reserved
Jan 11, 2019

JSON

Lenovo

What is CVE-2019-6189?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.