6 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-124495 • CWE-787: Out-of-bounds Write •

CVSS: 4.4EPSS: 0%CPEs: 300EXPL: 0

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •

CVSS: 4.4EPSS: 0%CPEs: 278EXPL: 0

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •

CVSS: 6.9EPSS: 0%CPEs: 128EXPL: 0

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes. Se ha informado de una vulnerabilidad en algunos modelos de ordenadores de sobremesa de Lenovo que podía permitir el acceso no autorizado al menú de arranque, cuando la configuración de la BIOS "BIOS Password At Boot Device List" es Sí • https://support.lenovo.com/us/en/product_security/LEN-67440 • CWE-287: Improper Authentication •

CVSS: 6.7EPSS: 0%CPEs: 346EXPL: 0

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. Una potencial vulnerabilidad en la función de devolución de llamada SMI usada en el controlador System Lock Preinstallation en algunos modelos Lenovo Notebook y ThinkStation, puede permitir una ejecución de código arbitraria • https://support.lenovo.com/us/en/product_security/LEN-30042 •