PT-2018-7267 · Lenovo · Lenovo System X Server Bios/Uefi

Published

2018-05-04

Updated

2018-06-13

CVE-2017-3775

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Lenovo System x server BIOS/UEFI (affected versions not specified)

Description: The issue concerns the improper authentication of signed code before booting when Secure Boot mode is enabled. This could allow an attacker with physical access to the system to boot unsigned code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2017-3775

Affected Products

Lenovo System X Server Bios/Uefi

PT-2018-7267 · Lenovo · Lenovo System X Server Bios/Uefi

CVE-2017-3775

Weakness Enumeration

Related Identifiers

Affected Products

References · 3