Description
A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- high
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-125
Metadata
- Primary Vendor
- LENOVO
- Published
- 11/8/2023
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
lenovo : ideacentre_c5-14imb05_firmwarelenovo : ideacentre_3-07ada05_firmwarelenovo : ideacentre_3-07imb05_firmwarelenovo : ideacentre_g5-14imb05_firmwarelenovo : ideacentre_5-14iob6_firmwarelenovo : ideacentre_creator_5-14iob6_firmwarelenovo : ideacentre_g5-14amr05_firmwarelenovo : ideacentre_g5-14imb05_firmwarelenovo : ideacentre_gaming_5-14iob6_firmwarelenovo : ideacentre_mini_5_01iaq7_firmwarelenovo : ideacentre_mini_5-01imh05_firmwarelenovo : legion_t7-34imz5_firmwarelenovo : thinkcentre_m625q_firmwarelenovo : thinkcentre_m630e_firmwarelenovo : thinkcentre_m70a_firmwarelenovo : thinkcentre_m920z_all-in-one_firmwarelenovo : thinkcentre_m920x_firmwarelenovo : thinkcentre_m920t_firmwarelenovo : thinkcentre_m920s_firmwarelenovo : thinkcentre_m920q_firmwarelenovo : thinkcentre_m90t_firmwarelenovo : thinkcentre_m90s_firmwarelenovo : thinkcentre_m90q_tiny_firmwarelenovo : thinkcentre_m90a_firmwarelenovo : thinkcentre_m820z_all-in-one_firmwarelenovo : thinkcentre_m80t_firmwarelenovo : thinkcentre_m80s_firmwarelenovo : thinkcentre_m80q_firmwarelenovo : thinkcentre_m75t_gen_2_firmwarelenovo : thinkcentre_m75s_gen_2_firmwarelenovo : thinkcentre_m75q_gen_2_firmwarelenovo : thinkcentre_m75n_firmwarelenovo : thinkcentre_m720t_firmwarelenovo : thinkcentre_m720s_firmwarelenovo : thinkcentre_m720q_firmwarelenovo : thinkcentre_m70t_firmwarelenovo : thinkcentre_m70s_firmwarelenovo : thinkcentre_m70q_firmwarelenovo : thinkcentre_m70c_firmwarelenovo : v50t-13iob_g2_firmwarelenovo : v55t_gen_2_13acn_firmwarelenovo : v50t-13imh_firmwarelenovo : v50t-13imb_firmwarelenovo : v50s-07imb_firmwarelenovo : v50a-24imb_firmwarelenovo : v50a-22imb_firmwarelenovo : v30a-24iml_firmwarelenovo : v30a-22iml_firmwarelenovo : thinkcentre_m70c_firmwarelenovo : thinkedge_se30_firmwarelenovo : thinkstation_p920_workstation_firmwarelenovo : thinkstation_p720_workstation_firmwarelenovo : thinkstation_p520c_workstation_firmwarelenovo : thinkstation_p520_workstation_firmwarelenovo : thinkstation_p360_workstation_firmwarelenovo : thinkstation_p360_workstation_firmwarelenovo : thinkstation_p350_workstation_firmwarelenovo : thinkstation_p348_workstation_firmwarelenovo : thinkstation_p340_workstation_firmwarelenovo : thinkstation_p340_tiny_workstation_firmwarelenovo : thinkstation_p330_workstation_2nd_gen_firmwarelenovo : thinkstation_p330_workstation_firmwarelenovo : thinkstation_p330_tiny_workstation_firmwarelenovo : thinkstation_p320_workstation_firmware
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.