VYPR

SMM2

by Lenovo

CVEs (2)

  • CVE-2023-4857HigApr 15, 2024
    risk 0.49cvss 7.5epss 0.01

    An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information.

  • CVE-2023-4855HigApr 15, 2024
    risk 0.47cvss 7.2epss 0.01

    A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI.