Back to overview

CVE-2026-10589

MEDIUM
6.0
CVSS 3.1
Description
A potential out of bounds write vulnerability could allow a local privileged attacker to execute code in System Management Mode.

Metadata

CVE ID
CVE-2026-10589
State
PUBLISHED
Assigner
lenovo
Reserved
2026-06-01 19:55 UTC
Published
2026-07-16 16:50 UTC
Last updated
2026-07-16 17:31 UTC
Primary CWE
CWE-787
CWE-787 Out-of-bounds Write
Vendor / Product
Lenovo / Yoga Pro 7 15IPH11 BIOS
Sources
cve.org  ·  NVD

Severity & Metrics

6.0 MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (60)
VendorProductPlatformVersions
Lenovo IdeaPad 5 15ABA7 BIOS 0 < KACN29WW
Lenovo IdeaPad Pro 5 16AGP11 BIOS 0 ≤ T8CN19WW
Lenovo IdeaPad Pro 5 16ASP10 BIOS 0 ≤ R1CN24WW
Lenovo IdeaPad Pro 5 16IAH10 BIOS 0 ≤ PZCN27WW
Lenovo IdeaPad Pro 5 16IMH9 BIOS 0 ≤ MECN68WW
Lenovo IdeaPad Pro 5 16IPH11 BIOS 0 < S4CN62WW
Lenovo IdeaPad Pro 5 16IRH8 BIOS 0 ≤ KZCN46WW
Lenovo IdeaPad Slim 3 14ITN9 BIOS 0 < QUCN20WW
Lenovo IdeaPad Slim 3 15AMN8 BIOS 0 < L1CN51WW
Lenovo IdeaPad Slim 3 16ARP10 BIOS 0 < QBCN30WW
Lenovo IdeaPad Slim 3 16IRH10R BIOS 0 ≤ QDCN23WW
Lenovo IdeaPad Slim 3 16IRH8 BIOS 0 < LTCN44WW
Lenovo IdeaPad Slim 3 16IRU9 BIOS 0 < P2CN27WW
Lenovo Legion 5 15AHP10 BIOS 0 < RGCN35WW
Lenovo Legion 5 15AKP10 BIOS 0 ≤ RYCN22WW
Lenovo Legion 5 15APH9 BIOS 0 < PJCN18WW
Lenovo Legion 5 15IAX10 BIOS 0 ≤ S2CN15WW
Lenovo Legion 5 15IRX10 BIOS 0 ≤ QNCN28WW
Lenovo Legion 5 15IRX9 BIOS 0 ≤ PTCN14WW
Lenovo Legion 7 16AGP11 BIOS 0 ≤ TPCN27WW
Lenovo Legion 7 16IAX10 BIOS 0 ≤ RXCN18WW
Lenovo Legion 9 16IRX9 BIOS 0 ≤ NXCN20WW
Lenovo Legion Pro 5 16ADR10 BIOS 0 ≤ U5CN07WW
Lenovo Legion Pro 5 16ADR10 BIOS 0 ≤ RLCN21WW
Lenovo Legion Pro 5 16AFR10 BIOS 0 ≤ RECN14WW
Lenovo Legion Pro 5 16ARX8 BIOS 0 ≤ LPCN59WW
Lenovo Legion Pro 5 16IAX10 BIOS 0 ≤ Q6CN26WW
Lenovo Legion Pro 5 16IRX10 BIOS 0 ≤ S9CN13WW
Lenovo Legion Pro 5 16IRX9 BIOS 0 < N0CN35WW
Lenovo Legion Pro 7 16ADR10H BIOS 0 < SJCN17WW
Lenovo Legion Pro 7 16AFR10H BIOS 0 < SMCN20WW
Lenovo Legion Pro 7 16ARX8H BIOS 0 ≤ LPCN45WW
Lenovo Legion Pro 7 16ARX8H BIOS 0 ≤ LPCN59WW
Lenovo Legion Pro 7 16IAX10H BIOS 0 ≤ Q7CN31WW
Lenovo Legion Pro 7 16IRX9H BIOS 0 ≤ N2CN26WW
Lenovo Legion Slim 5 14APH8 BIOS 0 ≤ MACN33WW
Lenovo Lenovo S14 G3 IAP BIOS 0 ≤ JKCN49WW
Lenovo Lenovo V14 G6 ITN BIOS 0 < RHCN20WW
Lenovo Lenovo V15 G2 IJL Laptop BIOS 0 < HTCN49WW
Lenovo Lenovo V15 G4 AMN BIOS 0 < L1CN72WW
Lenovo Lenovo V15 G4 IAH BIOS 0 < MCCN39WW
Lenovo Lenovo V15 G5 IRL BIOS 0 < PMCN38WW
Lenovo Lenovo V15 G6 ARP BIOS 0 ≤ TYCN15WW
Lenovo LOQ 15ARP10E BIOS 0 < SUCN18WW
Lenovo LOQ 15IAX9E BIOS 0 ≤ Q8CN17WW
Lenovo ThinkBook 16p G5 IRX BIOS 0 < P5CN31WW
Lenovo ThinkBook 16p G6 ADR BIOS 0 < R7CN26WW
Lenovo ThinkBook 16p G6 IAX BIOS 0 < R2CN57WW
Lenovo ThinkBook Plus G4 IRU BIOS 0 ≤ LUCN47WW
Lenovo ThinkBook Plus G5 Tab&ThinkBook Plus G5 Station BIOS 0 ≤ P8CN42WW
Lenovo ThinkBook Plus G6 Rollable BIOS 0 ≤ QWCN34WW
Lenovo Yoga 9 14IRP8 BIOS 0 < L4CN31WW
Lenovo Yoga 9 2-in-1 14ILL10 BIOS 0 ≤ Q9CN22WW
Lenovo Yoga 9 2-in-1 14IMH9 BIOS 0 ≤ NNCN31WW
Lenovo Yoga Book 9 13IMU9 BIOS 0 ≤ NVCN24WW
Lenovo Yoga Book 9 14IAH10 BIOS 0 ≤ QEME23WW
Lenovo Yoga Book 9 14IAH10 BIOS 0 ≤ QECN21WW
Lenovo Yoga Pro 7 15IPH11 BIOS 0 < TNCN37WW
Lenovo Yoga Pro 9 14IRP8 BIOS 0 ≤ MBCN33WW
Lenovo Yoga Pro 9 16IMH9 BIOS 0 ≤ NKCN30WW
Weakness (CWE)
CWESourceDescription
cna CWE‑787: Out‑of‑Bounds Read/Write
CWE-787 adp CWE-787 Out-of-bounds Write
CVSS scores (2)
ScoreSeverityVersionSourceVector
6.8 MEDIUM 4.0 cna CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
6.0 MEDIUM 3.1 cna CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Back to overview