CVE-2016-8222
moderate-risk
Published 2016-11-30
A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.
Do I need to act?
EPSS score: 0.04% chance of exploitation (low exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 4.4/10 (Medium): LOCAL / LOW complexity
Affected Products (20)
Thinkpad 10 Ella 2 Bios
Thinkpad 11E Beema Bios
Thinkpad 11E Braswell Bios
Thinkpad 11E Broadwell Bios
Thinkpad 11E Skylake Bios
Thinkpad E450 Bios
Thinkpad E455 Bios
Thinkpad E460 Bios
Thinkpad E560 Bios
Thinkpad E565 Bios
Thinkpad Edge E540 Bios
Thinkpad L450 Bios
Thinkpad L460 Bios
Thinkpad L560 Bios
Thinkpad S1 Yoga 12 Bios
Thinkpad S1 Yoga Non Vpro Bios
Thinkpad S3 S440 Bios
Thinkpad S3 Yoga 14 Bios
Thinkpad S540 Bios
Thinkpad T440S Bios
Affected Vendors

43 / 100 · moderate-risk
Severity: 15/34 · Moderate
Exploitability: 0/34 · Minimal
Exposure: 28/34 · Critical