6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
32.1%
**Lenovo Security Advisory:******LEN-2014-001
Potential Impact: Execution of arbitrary code
Severity**:** Medium
Summary:
The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism.
Description:
The open source EDK2 project provides a reference implementation of the Unified Extensible Firmware Interface (UEFI). Multiple vulnerabilities have been discovered in the EDK2 Capsule Update mechanism.
Buffer overflow in Capsule Processing Phase - CVE-2014-4859
During the Drive Execution Environment (DXE) phase of the UEFI boot process, the contents of the capsule image are parsed during processing. An integer overflow vulnerability exists in the capsule processing phase that can cause the allocation of a buffer to be unexpectedly small. As a result, attacker-controlled data can be written past the bounds of the buffer.
Write-what-where condition in Coalescing Phase - CVE-2014-4860
During the Pre-EFI Initialization (PEI) phase of the UEFI boot process, the capsule update is coalesced into its original form. Multiple integer overflow vulnerabilities exist in the coalescing phase that can be used to trigger a write-what-where condition.
6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
32.1%