Lenovo Security Advisory: LEN-27886

Potential Impact: Denial of Service

Severity: High

Scope of Impact: Lenovo-specific

CVE Identifier: CVE-2019-6176

Summary Description:

A potential vulnerability reported in ThinkPad USB-C Dock (40A9) Firmware version 3.7.2 may allow a denial of service. ​

Mitigation Strategy for Customers (what you should do to protect yourself):

Lenovo recommends updating ThinkPad USB-C Dock Firmware to version 3.7.3 or higher.

Acknowledgement:

Lenovo thanks Eran Shimony of CyberArk Labs for reporting this issue.​

Revision History:

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.