Описание
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:lenovo:ideapad_y700-14isk_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:ideapad_y700-14isk:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-276
CWE-276
Связанные уязвимости
CVSS3: 6.7
github
около 3 лет назад
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
EPSS
Процентиль: 36%
0.00153
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-276
CWE-276