CVE-2020-0528 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer in Lenovo Bios

CWE-119 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 83.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Lenovo Bios
Timeline
PublishedJun 15
Latest updateMay 24

Description

Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

β–ΆCVEListV5lenovo/biosSee provided reference

πŸ”΄Vulnerability Details

2
GHSA
GHSA-99vc-mv52-jqgx: Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated us↗2022-05-24
β–Ά
CVEList
CVE-2020-0528: Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated us↗2020-06-15
β–Ά
CVE-2020-0528 β€” Lenovo Bios vulnerability | cvebase