Design/Logic Flaw

2017-06-0421:29:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system’s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.

CPENameOperatorVersion
active_protection_systemeq1.73
active_protection_systemeq1.82.0.06
active_protection_systemeq1.20.98
active_protection_systemeq1.62
active_protection_systemeq1.77.0.20
active_protection_systemeq1.34
active_protection_systemeq1.80.8.00
active_protection_systemeq1.77.0.26
active_protection_systemeq1.0.98
active_protection_systemeq1.41

Name	Operator	Version
active_protection_system	eq	1.73
active_protection_system	eq	1.82.0.06
active_protection_system	eq	1.20.98
active_protection_system	eq	1.62
active_protection_system	eq	1.77.0.20
active_protection_system	eq	1.34
active_protection_system	eq	1.80.8.00
active_protection_system	eq	1.77.0.26
active_protection_system	eq	1.0.98
active_protection_system	eq	1.41