Unrated severityNVD Advisory· Published Jun 26, 2023· Updated Sep 16, 2024

CVE-2023-2992

Description

An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore access to the management web server.

Affected products

Lenovo/SMM v1llm-create
Lenovo/SMM v2llm-create
Lenovo/FPCllm-fuzzy
Lenovo/Fan Power Controller2 (FPC2)cpe-rescue
Range: various
Lenovo/System Management Modulecpe-rescue
Range: various

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.lenovo.com/us/en/product_security/LEN-127357mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000