CVE-2017-3775
Severity Score
6.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.
Algunas versiones BIOS/UEFI del servidor x de Lenovo, cuando Secure Boot está habilitado por un administrador del sistema, no autentican correctamente el código firmado antes de cargarlo. Como resultado, un atacante con acceso físico al sistema podría cargar código no firmado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-16 CVE Reserved
- 2018-05-04 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/solutions/LEN-20241 | 2018-06-13 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Flex System X240 M5 Bios Search vendor "Lenovo" for product "Flex System X240 M5 Bios" | < 2.61 Search vendor "Lenovo" for product "Flex System X240 M5 Bios" and version " < 2.61" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System X240 M5 Search vendor "Lenovo" for product "Flex System X240 M5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Flex System X280 X6 Bios Search vendor "Lenovo" for product "Flex System X280 X6 Bios" | < 4.21 Search vendor "Lenovo" for product "Flex System X280 X6 Bios" and version " < 4.21" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System X280 X6 Search vendor "Lenovo" for product "Flex System X280 X6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Flex System X480 X6 Bios Search vendor "Lenovo" for product "Flex System X480 X6 Bios" | < 4.21 Search vendor "Lenovo" for product "Flex System X480 X6 Bios" and version " < 4.21" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System X480 X6 Search vendor "Lenovo" for product "Flex System X480 X6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Flex System X880 Bios Search vendor "Lenovo" for product "Flex System X880 Bios" | < 4.21 Search vendor "Lenovo" for product "Flex System X880 Bios" and version " < 4.21" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System X880 Search vendor "Lenovo" for product "Flex System X880" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Nextscale Nx360 M5 Bios Search vendor "Lenovo" for product "Nextscale Nx360 M5 Bios" | < 2.61 Search vendor "Lenovo" for product "Nextscale Nx360 M5 Bios" and version " < 2.61" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Nextscale Nx360 M5 Search vendor "Lenovo" for product "Nextscale Nx360 M5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3250 M6 Bios Search vendor "Lenovo" for product "System X3250 M6 Bios" | < 2.23 Search vendor "Lenovo" for product "System X3250 M6 Bios" and version " < 2.23" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3250 M6 Search vendor "Lenovo" for product "System X3250 M6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3500 M5 Bios Search vendor "Lenovo" for product "System X3500 M5 Bios" | < 2.61 Search vendor "Lenovo" for product "System X3500 M5 Bios" and version " < 2.61" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3500 M5 Search vendor "Lenovo" for product "System X3500 M5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3550 M5 Bios Search vendor "Lenovo" for product "System X3550 M5 Bios" | < 2.61 Search vendor "Lenovo" for product "System X3550 M5 Bios" and version " < 2.61" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3550 M5 Search vendor "Lenovo" for product "System X3550 M5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3650 M5 Bios Search vendor "Lenovo" for product "System X3650 M5 Bios" | < 2.61 Search vendor "Lenovo" for product "System X3650 M5 Bios" and version " < 2.61" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3650 M5 Search vendor "Lenovo" for product "System X3650 M5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3850 X6 Bios Search vendor "Lenovo" for product "System X3850 X6 Bios" | < 4.3 Search vendor "Lenovo" for product "System X3850 X6 Bios" and version " < 4.3" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3850 X6 Search vendor "Lenovo" for product "System X3850 X6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | System X3950 X6 Bios Search vendor "Lenovo" for product "System X3950 X6 Bios" | < 4.3 Search vendor "Lenovo" for product "System X3950 X6 Bios" and version " < 4.3" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | System X3950 X6 Search vendor "Lenovo" for product "System X3950 X6" | - | - |
Safe
|