Denial of Service Vulnerability in Lenovo System X BIOS
CVE-2016-8226

4.9MEDIUM

Key Information:

Vendor: Lenovo
Status: System X M5, M6, And X6 BiOS
Vendor: CVE Published:; 26 January 2017

What is CVE-2016-8226?

The BIOS embedded in Lenovo System X M5, M6, and X6 systems contains a vulnerability that allows administrators to unintentionally cause a denial of service. This occurs through the manipulation of UEFI data structures during updates, potentially leading to system instability and inaccessibility. Users are advised to keep their BIOS firmware updated to mitigate this risk. For further details and fixes, see the official Lenovo support documentation.

Affected Version(s)

System X M5, M6, and X6 BIOS various

References

http://www.securityfocus.com/bid/95844

vdb-entryx_refsource_BID

https://support.lenovo.com/us/en/solutions/LEN-11306

x_refsource_CONFIRM

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 26, 2017
Vulnerability Reserved
Sep 16, 2016