AMI BIOS SMM Code Execution Vulnerability

2017-01-08T00:00:00
ID LENOVO:PS500006-NOSID
Type lenovo
Reporter Lenovo
Modified 2017-01-08T00:00:00

Description

Lenovo Security Advisory: LEN-4710

Potential Impact: Execution of code in SMM by an attacker with administrative access

Severity: Medium

Scope of impact: Industry-wide

Summary Description: System Management Mode (SMM) is the most privileged execution mode of the x86 processor. Software System Management Interrupt (SWSMI) handlers are used by software to call on BIOS functions that reside within the SMM. A vulnerability has been identified in one of the SWSMI handlers in the BIOS code from American Megatrends Inc. (AMI) used on some Lenovo systems. This could allow a malicious attacker with administrative access to execute code in the SMM and bypass some BIOS security mechanisms and install software with bootkit functionality.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update your BIOS level to the latest version by following the instructions in the readme file.

Product Impact:

This issue only affects Lenovo products with BIOS firmware from AMI. Brands not listed, such as ThinkPad, do not use AMI firmware and are not affected by this vulnerability.