Vulnerability Details : CVE-2016-5247
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.
Products affected by CVE-2016-5247
- cpe:2.3:o:lenovo:bios:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5247
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5247
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-5247
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5247
-
https://support.lenovo.com/product_security/PS500067
Lenovo Support HomepageMitigation;Vendor Advisory
-
http://www.securityfocus.com/bid/92661
Lenovo Secure Boot CVE-2016-5247 Local Security Bypass VulnerabilityThird Party Advisory
Jump to