exploitDog

GHSA-fq4g-xqp9-9643

Опубликовано: 23 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

Ссылки

EPSS

Процентиль: 6%

0.00025

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-798

Связанные уязвимости

CVE-2022-3744

CVSS3: 6.7

nvd

больше 2 лет назад

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

EPSS

Процентиль: 6%

0.00025

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-798