Description
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.
References (2)
Core 2
Core References
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92661
Mitigation, Vendor Advisory x_refsource_confirm
https://support.lenovo.com/product_security/PS500067
Scores
CVSS v3
7.8
EPSS
0.0007
EPSS Percentile
21.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-254
Status
published
Products (1)
lenovo/bios
Published
Sep 22, 2016
Tracked Since
Feb 18, 2026