Buffer Overflow Vulnerability in Lenovo Service Engine (LSE) Allows Remote Code Execution

Buffer Overflow Vulnerability in Lenovo Service Engine (LSE) Allows Remote Code Execution

CVE-2015-5684 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system.

Learn more about our Cis Benchmark Audit For Apple Ios.