CVE-2017-3753

N/A

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

N/A

N/A

多款Lenovo产品BIOS SMI Handler 安全漏洞

Lenovo IdeaCentre 300-20ISH等都是中国联想（Lenovo）公司的产品。Lenovo IdeaCentre 300-20ISH是一款台式计算机；ThinkServer RD540是一款服务器设备。BIOS SMI Handler是其中的一个管理信息结构处理程序。 多款Lenovo产品中的BIOS SMI Handler存在安全漏洞，该漏洞源于程序没有执行输入验证。攻击者可利用该漏洞运行特制的代码，绕过系统保护。以下版本受到影响：Lenovo IdeaCentre 300-20ISH

N/A

N/A