CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
30.6%
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
[
{
"product": "Notebook BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
30.6%