Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
envy x360 - 15t-dr100 firmwareNVD
Affected:< 6.0.39.1111Fixed in:6.0.39.1111CVE-2019-18619derived from NVD
pavilion 14-cd1xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14-cd2xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14-dh0xxx x360 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion 14m-cd0xxx x360 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion 14m-dh0xxx x360 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion 15 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 - 14t-cd000 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion x360 - 15t-dq000 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 - 15t-dq100 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
pavilion x360 14t-cd100 firmwareNVD
Affected:< 5.5.11.1093Fixed in:5.5.11.1093CVE-2019-18619derived from NVD
pavilion x360 14t-dh000 firmwareNVD
Affected:< 5.5.8.1116Fixed in:5.5.8.1116CVE-2019-18619derived from NVD
spectre x360 firmwareNVD
Affected:< 5.5.26.1102Fixed in:5.5.26.1102CVE-2019-18619derived from NVD
thankpad a475 firmwareNVD
Affected:< 5.02.3539.0026Fixed in:5.02.3539.0026CVE-2019-18619derived from NVD
thankpad a485 firmwareNVD
Affected:< 5.03.3542.0026Fixed in:5.03.3542.0026CVE-2019-18619derived from NVD
thinkpad 25 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad a275 firmwareNVD
Affected:< 5.2.3535.26Fixed in:5.2.3535.26CVE-2019-18619derived from NVD
thinkpad e480 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e485 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e490 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e490s firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e580 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e585 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad e590 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad l480 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad l580 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p1 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p1 gen 2 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p43s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p50 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad p51 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p51s \(20kx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p52 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p52s firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p53 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p53s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad p70 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad p71 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad p72 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad p73 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad r490 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad r590 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad s1 3rd firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad s3 firmwareNVD
Affected:< 5.2.321.26Fixed in:5.2.321.26CVE-2019-18619derived from NVD
thinkpad t25 \(20k7\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t460p firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad t460s firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad t470 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470 \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470p firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470s \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t470s \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t480 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t480s firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t490 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad t490s firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad t570\(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t570 \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad t580 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad t590 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x1 carbon \(20hx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x1 carbon \(20kx\) firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 carbon firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x1 extreme 2nd firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x1 extreme firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 tablet \(20jx\) firmwareNVD
Affected:< 5.2.227.26Fixed in:5.2.227.26CVE-2019-18619derived from NVD
thinkpad x1 tablet firmwareNVD
Affected:< 5.5.40.1058Fixed in:5.5.40.1058CVE-2019-18619derived from NVD
thinkpad x1 yoga 3rd gen firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x1 yoga 4th gen firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x1 yoga \(20jx\) firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x1 yoga firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad x270 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad x280 firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x380 yoga firmwareNVD
Affected:< 5.3.3542.26Fixed in:5.3.3542.26CVE-2019-18619derived from NVD
thinkpad x390 firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad x390 yoga firmwareNVD
Affected:< 6.0.36.1105Fixed in:6.0.36.1105CVE-2019-18619derived from NVD
thinkpad yoga 260 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
thinkpad yoga 370 firmwareNVD
Affected:< 5.2.3540.26Fixed in:5.2.3540.26CVE-2019-18619derived from NVD
thinkpad yoga s1 firmwareNVD
Affected:< 5.1.338.26Fixed in:5.1.338.26CVE-2019-18619derived from NVD
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit Intelligence
0.47%probability of exploitation in 30 days
37thpercentile
Low risk: more likely to be exploited than 37% of all known CVEs.
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.