Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SetupAutomationSmm:Vulnerability in the SMM module allow attacker to write arbitrary code and lead to memory corruption
Vulnerability Description
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/home
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
InsydeH2O 安全漏洞
Vulnerability Description
InsydeH2O是中国系微(Insyde)公司的一款可定制固件代码库。 InsydeH2O存在安全漏洞,该漏洞源于SMM模块中的漏洞允许攻击者编写任意代码并导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A