2 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 256EXPL: 0

An authenticated XCC user can change permissions for any user through a crafted API command. Un usuario XCC autenticado puede cambiar los permisos de cualquier usuario mediante un comando API manipulado. • https://support.lenovo.com/us/en/product_security/LEN-140960 • CWE-269: Improper Privilege Management •

CVSS: 4.4EPSS: 0%CPEs: 673EXPL: 0

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. • https://support.lenovo.com/us/en/product_security/LEN-94953 • CWE-125: Out-of-bounds Read •