CVE-2016-5247
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.
Affected (1)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkcentre E93 | All versions |
Lenovo Thinkcentre M6500t/s | All versions |
Lenovo Thinkcentre M6600 | All versions |
Lenovo Thinkcentre M6600q | All versions |
Lenovo Thinkcentre M6600t/s | All versions |
Lenovo Thinkcentre M73p | All versions |
Lenovo Thinkcentre M800 | All versions |
Lenovo Thinkcentre M83 | All versions |
Lenovo Thinkcentre M8500t/s | All versions |
Lenovo Thinkcentre M8600t/s | All versions |
Lenovo Thinkcentre M900 | All versions |
Lenovo Thinkcentre M93 | All versions |
Lenovo Thinkcentre M93p | All versions |
Lenovo Thinkserver Rq940 | All versions |
Lenovo Thinkserver Rs140 | All versions |
Lenovo Thinkserver Ts140 | All versions |
Lenovo Thinkserver Ts240 | All versions |
Lenovo Thinkserver Ts440 | All versions |
Lenovo Thinkserver Ts540 | All versions |
Lenovo Thinkstation E32 | All versions |
Lenovo Thinkstation P300 | All versions |
Lenovo Thinkstation P310 | All versions |
Related CWEs
References (4)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory
Timeline
No history available yet.