VYPR

SMM/SMM2 and FPC

by Lenovo

CVEs (2)

  • CVE-2023-4856HigApr 15, 2024
    risk 0.57cvss 8.8epss 0.01

    A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint.

  • CVE-2024-2659Apr 15, 2024
    risk 0.00cvss epss 0.01

    A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function.