SB2023101308 - Security restrictions bypass in Lenovo ThinkPad products
Published: October 13, 2023
Security Bulletin ID
SB2023101308
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Physical access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Security features bypass (CVE-ID: CVE-2023-5078)
The vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to unspecified error in the BIOS of some Lenovo ThinkPad products. An attacker with physical access to device can tamper with BIOS firmware.
Remediation
Install update from vendor's website.