77 matches found
CVE-2020-10278
The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. This can be leveraged by a Malicious operator to boot from a Live Image...
Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US
Lenovo Security Advisory: LEN-30042 Potential Impact: Privilege escalation, denial of service, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0528, CVE-2020-0529, CVE-2020-8320, CVE-2020-8321, CVE-2020-8322, CVE-2020-8323, CVE-2020-8333, CVE-2020-833...
Multi-vendor BIOS Security Vulnerabilities - Lenovo Support US
No description provided...
Intel Graphics Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-28235 Potential Impact: Escalation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0154, CVE-2019-0155, , CVE-2019-11089, CVE-2019-11111, CVE-2019-11112, CVE-2019-11113, CVE-2019-14574,...
The vulnerability of UEFI (BIOS) software on HP workstations allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of UEFI BIOS software on HP workstations is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information, provided that the TPM module is disabled...
Design/Logic Flaw
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014...
CVE-2009-5151
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior,...
Intel® NUC BIOS Security Updates
Summary: This update mitigates multiple vulnerabilities related to security features in certain Intel® NUC system firmware BIOS. Description: BIOS Administrator and User password bypass: Insufficient protection of password storage in system firmware for NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH,...
BIOS EFI Driver SMM Code Execution Vulnerability - Lenovo Support MY
No description provided...
S3 Boot Script Protection
Lenovo Security Advisory: LEN-2014-006 Potential Impact: Elevation of Privilege Severity: Medium Summary: Certain firmware implementations may not correctly protect memory that stores the BIOS S3 Boot Script when a system is suspended. Exploitation of such vulnerabilities could potentially lead t...
NIST Offers Guidelines for Securing BIOS
As security defenses have advanced and become more adaptive in the last decade, malware authors and attackers have had to respond, looking for new ways to get their malicious software onto PCs or exploit previously unknown vulnerabilities. One target is the system BIOS, the low-level instruction...
[IVIZ-08-002] Hewlett-Packard BIOS Plain Text Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- iViZ Security Advisory 08-002 25/08/2008 - ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com -...
[IVIZ-08-004] Intel BIOS Plain Text Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- iViZ Security Advisory 08-004 25/08/2008 - ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com -...
Breakthrough in the users permissions broken star Lann-bug warning-the black bar safety net
users permissions are really so low? Our school room has restore card, USB are also sealed, and the BIOS has a super-long password, the external network is also nowhere. Installed VB and the star LAN multimedia network classroom. But with my generation is not going to use VB coding to a broken...
CVE-2005-4175
Insyde BIOS V190 does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory...
CVE-2005-4175
Insyde BIOS V190 does not clear the keyboard buffer after reading the BIOS password during system startup, which allows local administrators or users to read the password directly from physical memory...
bios-backdoors.txt
Date: Tue, 3 Nov 1998 13:22:20 -0600 From: Paul L Schmehl To: [email protected] Subject: BIOS Backdoor Passwords I've been out of the office since posting the comments about the ineffectiveness of BIOS passwords, and I returned to find to my surprise numerous requests for informati...