LVFS: ThinkPad P1 X1 Extreme

Lenovo (ThinkPad) ThinkPad P1 X1 Extreme

Lenovo ThinkPad P1 X1 Extreme Corporate ME Firmware N2ERM22W, version 12.0.95.2489

Version 192.95.2489
2024-08-08 06:53:15

X1 /Extreme N2ERG22W ME FW 12.0.95.2489 Release Intel IPU2024.3 MEFW Update to fix IPU2024.3

ME version is 12.0.95.2489/ PMC version is 300.1.20.1030/MEBx 12.0.0.0011/ CSME SW 2410.5.64.0

Urgency	high
Reported Success	71% (low confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Tested By	Lenovo on Ubuntu 23.10，fwupd v1.9.16 2 months ago The vendors testing the update provide no warranty of any kind (express or implied), including but not limited to the warranties of merchantability, fitness for a particular purpose or non-infringement. In no event shall these vendors be liable for any claim, damages or other liability.
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.93.2331
2023-08-07 09:06:05

MEFW version update to 192.93.2331.

and be aware that, in Intel® CSME FW 192.93.2331, the VCN increased.

Therefore, downgrading from Intel® CSME FW 192.93.2331 to earlier versions is not possible.

Urgency	high
Reported Success	96% (medium confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.92.2145
2022-12-06 01:11:50

Lenovo ThinkPad P1 / X1 Extreme Gen1 Corporate ME Firmware Version: 12.0.92.2145

This stable release fixes the following issues:

Several Intel known issues were fixed in this release.Refer to Intel Closed Issues at the bottom portion of this build letter.

Urgency	high
Reported Success	100% (medium confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.90.2072
2022-08-04 05:45:38

Lenovo ThinkPad P1 X1 Extreme 3rd Corporate ME Firmware Version: 12.0.90.2072

Urgency	high
Reported Success	93% (medium confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.81.1753
2021-08-16 07:34:21

0 Intel Platform Update 2021.1 (PV Maintenance Release)

Version 12.0.81.1753 (LVFS: 192.81.1753)

Problem fixes

Several Intel known issues were fixed in this release.Refer to Intel
Closed Issues at the bottom portion of Intel's release note

Urgency	high
Reported Success	100% (high confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.72.1757
2021-04-21 12:51:10

0 Intel Platform Update 2020.2 (Hot Fix Release)

Version 12.0.72.1757 (LVFS: 192.72.1757)

Problem Fixes

Intel CSME TA-00473 2020.2 HF2 Release:
Mitigated the following security vulnerabilities under issues:

Urgency	high
Reported Success	97% (high confidence)
Fixed issues:	CVE-2020-24588 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. CVE-2020-24587 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. CVE-2020-24586 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.70.1652
2021-01-22 06:30:30

0 Intel Platform Update 2020.2 (PV Maintenance Release)

Version 12.0.70.1652 (LVFS: 192.70.1652)

Problem Fixes

Mitigated the following security vulnerabilities under issues:

Urgency	high
Reported Success	100% (medium confidence)
Fixed issues:	CVE-2020-12297 Improper access control in Installer for Intel(R) CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access. CVE-2020-12356 Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access. CVE-2020-12355 Intel's CVE. CVE-2020-12354 Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-12304 Improper access control in Installer for Intel(R) DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access. CVE-2020-12303 Use after free in DAL subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable escalation of privileges via local access. CVE-2020-8705 Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access. CVE-2020-8749 Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. CVE-2020-8746 Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2020-8755 Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-8747 Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access. CVE-2020-8761 Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. CVE-2020-8754 Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. CVE-2020-8751 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, Intel(R) TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access. CVE-2020-8744 Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8760 Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8756 Improper input validation in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8757 Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8750 Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-8745 Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-8753 Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. CVE-2020-8752 Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access. VU#231329 Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 192.47.1524
2019-11-18 07:24:52

0 Q2'19 Intel Platform Update (Hot Fix Release)

Version 12.0.47.1524 (LVFS: 192.47.1524)

Problem Fixes

Intel CSME PSIRT-TA-201905-011 Q2 2019 IPU:
Mitigated security vulnerabilities.

Urgency	high
Reported Success	97% (high confidence)
Fixed issues:	CVE-2019-0170 Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0153 Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. CVE-2019-0098 Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0097 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. CVE-2019-0096 Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. CVE-2019-0094 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. CVE-2019-0093 Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. CVE-2019-0092 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0090 Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0086 Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive Firmware Details Compare with previous

Version 192.35.1427
2019-06-21 07:43:04

0 Quarterly Security Release

Version 12.0.35.1427 (LVFS: 192.35.1427)

Problem Fixes

Intel CSME PSIRT-TA-201901-002 Q1 2019 QSR:

Urgency	high
Reported Success	97% (medium confidence)
Fixed issues:	CVE-2019-0170 Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0096 Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. CVE-2019-0094 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. CVE-2019-0093 Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. CVE-2019-0092 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0090 Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0153 Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access. CVE-2019-0098 Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2019-0097 Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. CVE-2019-0086 Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive Firmware Details

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter

Lenovo (ThinkPad) ThinkPad P1 X1 Extreme

Version 192.95.2489 2024-08-08 06:53:15

The vendors testing the update provide no warranty of any kind (express or implied), including but not limited to the warranties of merchantability, fitness for a particular purpose or non-infringement. In no event shall these vendors be liable for any claim, damages or other liability.

Version 192.93.2331 2023-08-07 09:06:05

Version 192.92.2145 2022-12-06 01:11:50

Version 192.90.2072 2022-08-04 05:45:38

Version 192.81.1753 2021-08-16 07:34:21

Version 192.72.1757 2021-04-21 12:51:10

Version 192.70.1652 2021-01-22 06:30:30

Version 192.47.1524 2019-11-18 07:24:52

Version 192.35.1427 2019-06-21 07:43:04

Version 192.95.2489
2024-08-08 06:53:15

Version 192.93.2331
2023-08-07 09:06:05

Version 192.92.2145
2022-12-06 01:11:50

Version 192.90.2072
2022-08-04 05:45:38

Version 192.81.1753
2021-08-16 07:34:21

Version 192.72.1757
2021-04-21 12:51:10

Version 192.70.1652
2021-01-22 06:30:30

Version 192.47.1524
2019-11-18 07:24:52

Version 192.35.1427
2019-06-21 07:43:04