Technology vendor Lenovo, best known for its computers, has released a security advisory warning customers about a major vulnerability in its ThinkPad laptops. (Lenovo acquired the ThinkPad division from IBM in 2005, for those who don’t know.) The ThinkPad issue, described as the “Broadcom WiFi Buffer Overflow Vulnerability,” stems from two flaws in the WiFi adapter firmware, tracked as CVE-2017-11120 and CVE-2017-11121.
As Threatpost noted in its news report on the security advisory, these two vulnerabilities had already been patched by Apple (the exploit affected the iPhone, Apple TV, and Apple Watch) and Google (Android devices were susceptible as well) in late 2017.
According to the report, the reason the ThinkPad vulnerability is rated critical is that it allows arbitrary code execution. That opens a proverbial Pandora’s box: once an attacker can run code of their choosing, countless follow-on attacks can be leveraged against the machine, most notably planting a backdoor.
Lenovo had the following to say about Broadcom’s vulnerability and the actions being taken to mitigate it:
Broadcom WiFi controllers used by many computer and device makers… contain buffer overflow vulnerabilities on the adapter (not the system CPU). Broadcom initially did not plan to remediate these issues, but when the WPA2 KRACK issue also emerged, Broadcom combined both fixes into a single set of driver updates. Lenovo received the first of these near the end of 2017, and continues releasing fixes as integration and testing is completed… Broadcom recommends updating to the WiFi driver version (or newer) indicated for your model.
The security advisory lists every ThinkPad model affected by this issue, along with the driver version that fixes it, so ThinkPad owners should check whether their model is at risk and whether the installed Broadcom WiFi driver meets the version the advisory indicates. It is also wise to monitor your ThinkPad for unusual activity that might indicate a backdoor or other compromise of the device.
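One way to perform that check on a Windows ThinkPad, as an added example that is not from the article or from Lenovo’s advisory: the snippet below lists any Broadcom wireless adapter with its installed driver version and compares it against a minimum version. The advisory’s per-model driver version is not reproduced on this page, so `$MinimumDriverVersion` is a placeholder you must fill in from the advisory for your model.

```powershell
# Added example (not Lenovo's code): inventory Broadcom wireless adapters and
# compare the installed driver version against the advisory's minimum version.
# PLACEHOLDER: replace with the driver version Lenovo's advisory lists for your model.
$MinimumDriverVersion = [version]'0.0.0.0'

# Physical adapters whose description names Broadcom and whose media type is 802.11 (Wi-Fi).
$adapters = Get-NetAdapter -Physical |
    Where-Object { $_.InterfaceDescription -match 'Broadcom' -and $_.PhysicalMediaType -match '802\.11' }

if (-not $adapters) {
    Write-Output 'No Broadcom wireless adapter found on this system; this advisory does not apply here.'
    return
}

foreach ($a in $adapters) {
    # DriverVersion is a string such as "7.35.351.0"; cast it so versions compare numerically, not as text.
    try   { $installed = [version]$a.DriverVersion }
    catch { $installed = $null }

    $status = if ($null -eq $installed) {
        'driver version could not be parsed; compare manually against the advisory'
    } elseif ($installed -ge $MinimumDriverVersion) {
        'at or above advisory minimum'
    } else {
        'BELOW advisory minimum: update the Broadcom WiFi driver'
    }

    [pscustomobject]@{
        Adapter       = $a.InterfaceDescription
        DriverVersion = $a.DriverVersion
        DriverDate    = $a.DriverDate
        Status        = $status
    }
}
```

Run it in an elevated PowerShell session on the laptop itself; it reads the installed driver version only and changes nothing.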
Photo credit: Lenovo