VDB

CVE-2017-3753

CVE-2017-3753 PUBLISHED CVSS 7.199999809265137 HIGH

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

EPSS 0.04% · 14.1th percentile

Risk Scores

CVSS 2.0
7.199999809265137
EPSS Score
0.04%
14.1th percentile

Affected Products

VendorProductVersions
lenovothinkcentre_m83z_\(aio\)_firmwarefvkt42a
lenovothinkcentre_m910x_firmware
lenovothinkstation_p300_firmwarefbktc6a
lenovoh50-30g_firmwarefckt78a
lenovothinkserver_rd640_firmwarea1tsb5a
lenovothinkstation_d30_\(4354\)_firmware*
lenovothinkcentre_e74z_firmwarefvkt48a
lenovothinkcentre_m8350z_firmwarefvkt42a
lenovothinkserver_rd440_firmwarea0tsb5a
lenovothinkcentre_m8500t\/s_firmwarefbktc5a
lenovom4500_id_firmwarefckt78a
lenovothinkcentre_m810z_firmware
lenovothinkserver_ts250_firmware
lenovothinkstation_e32_firmwarefbktc6a
lenovothinkcentre_m4500q_firmwarefhkt66a
lenovothinkserver_rq750_firmware7.05
lenovothinkcentre_m4500t\/s_firmware*
lenovothinkcentre_m73_firmware*
lenovothinkcentre_m93p_firmwarefbktc5a
lenovoyangtian_s3040_firmware*

…and 92 more

Timeline

  • Jul 27, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›