CVE-2023-4856 | Lenovo SMM/SMM2/FPC API Endpoint os command injection

Inserito da Angelo Barbosa | Apr 15, 2024 | CVE

A vulnerability classified as critical has been found in Lenovo SMM, SMM2 and FPC. Affected is an unknown function of the component API Endpoint. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2023-4856. It is possible to launch the attack remotely. There is no exploit available.

CVE-2023-4856 | Lenovo SMM/SMM2/FPC API Endpoint os command injection

Post correlati

CVE-2024-2725 | Ciges CIGESv2 Package installed.json information disclosure

CVE-2024-36178 | Adobe Experience Manager up to 6.5.20 cross site scripting (apsb24-28)

CVE-2024-21476 | Qualcomm Snapdragon up to XR2+ Gen 1 Platform Channel ID memory corruption

CVE-2023-38651 | GTKWave 3.3.115 VZT vzt_rd_block_vch_decode integer overflow (TALOS-2023-1814)