exploitDog

GHSA-2g3v-5cpr-rx7q

Опубликовано: 23 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.

Ссылки

EPSS

Процентиль: 58%

0.00364

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2021-3970

CVSS3: 6.7

nvd

почти 4 года назад

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.

EPSS

Процентиль: 58%

0.00364

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-20