Lucene search
+L

6 matches found

cve
cve
added 2025/07/30 12:42 a.m.22 views

CVE-2025-4423

CVE-2025-4423 is linked to Lenovo devices running InsydeH2O firmware. Connected documents describe a vulnerability in the InsydeH2O/SMM subsystem that allows a local attacker with privileges to write arbitrary code and trigger memory corruption (buffer flaw), enabling a local privilege escalation...

8.2CVSS6.6AI score0.00182EPSS
Exploits0References2
cvelist
cvelist
added 2025/07/30 12:40 a.m.11 views

CVE-2025-4422 EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

8.2CVSS0.00182EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/07/30 12:39 a.m.2 views

CVE-2025-4421 EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module

The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...

8.2CVSS6.4AI score0.00195EPSS
Exploits0References2
cve
cve
added 2025/07/30 12:39 a.m.21 views

CVE-2025-4421

CVE-2025-4421 involves SMM memory corruption in the InsydeH2O firmware, linked to Lenovo-related firmware code. The root cause is a vulnerability in the SMM module involving gEfiSmmCpuProtocol/EfiSmiServices that can corrupt SMM memory. Connected docs describe insecure firmware leading to unautho...

8.2CVSS6.6AI score0.00195EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/04/15 12:0 a.m.6 views

Lenovo SMM/SMM2/FPC 安全漏洞

Lenovo SMM/SMM2/FPC is an application from Lenovo China. A security vulnerability exists in Lenovo SMM/SMM2/FPC that stems from a command injection vulnerability. An attacker can use this vulnerability to execute unauthorized commands via IPMI...

7.2CVSS7.8AI score0.01131EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/04/15 12:0 a.m.3 views

Lenovo SMM/SMM2/FPC 安全漏洞

Lenovo SMM/SMM2/FPC is an application from Lenovo China. A security vulnerability exists in Lenovo SMM/SMM2/FPC that stems from an authentication bypass vulnerability. The vulnerability can be exploited by an attacker to invoke certain IPMI, which could lead to information disclosure...

7.5CVSS6.6AI score0.0053EPSS
Exploits0References2
Rows per page
Query Builder