CVE-2017-3775

N/A

Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.

N/A

N/A

多款Lenovo产品安全漏洞

Lenovo Flex System x240 M5等都是中国联想（Lenovo）公司的服务器设备。 多款Lenovo产品中存在安全漏洞，该漏洞源于程序在运行签名的代码之前，没有正确的进行身份验证。物理位置临近的攻击者可利用该漏洞运行未签名的代码。以下产品和版本受到影响：Lenovo Flex System x240 M5 BIOS/UEFI 2.61之前版本；Flex System x280 X6 BIOS/UEFI 4.21之前版本；Flex System x480 X6 BIOS/UEFI 4.21

N/A

N/A