6.7
CVE-2023-5078
- EPSS 0.04%
- Published 08.11.2023 22:15:11
- Last modified 21.11.2024 08:41:01
- Source psirt@lenovo.com
- Teams watchlist Login
- Open Login
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
Data is provided by the National Vulnerability Database (NVD)
Lenovo ≫ Thinkpad X13 Gen 3 Firmware Version-
Lenovo ≫ Thinkpad S2 Yoga Gen 7 Firmware Version < 1.19
Lenovo ≫ Thinkpad S2 Yoga Gen 6 Firmware Version-
Lenovo ≫ Thinkpad S2 Gen 8 Firmware Version-
Lenovo ≫ Thinkpad P14s Gen 3 Firmware Version-
Lenovo ≫ Thinkpad P16s Gen 1 Firmware Version-
Lenovo ≫ Thinkpad T14 Gen 3 Firmware Version-
Lenovo ≫ Thinkpad T14s Gen 3 Firmware Version-
Lenovo ≫ Thinkpad T16 Gen 1 Firmware Version-
Lenovo ≫ Thinkpad L14 Gen 3 Firmware Version < 1.23
Lenovo ≫ Thinkpad L14 Gen 4 Firmware Version < 1.1
Lenovo ≫ Thinkpad L15 Gen 3 Firmware Version < 1.23
Lenovo ≫ Thinkpad L15 Gen 4 Firmware Version < 1.1
Lenovo ≫ Thinkpad L13 Yoga Gen 4 Firmware Version-
Lenovo ≫ Thinkpad L13 Yoga Gen 3 Firmware Version < 1.19
Lenovo ≫ Thinkpad L13 Yoga Gen 2 Firmware Version-
Lenovo ≫ Thinkpad L13 Gen 4 Firmware Version-
Lenovo ≫ Thinkpad L13 Gen 3 Firmware Version < 1.19
Lenovo ≫ Thinkpad L13 Gen 2 Firmware Version-
Lenovo ≫ Thinkpad S2 Yoga Gen 8 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.112 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| psirt@lenovo.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|