A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

Related CVEs

CVE-2017-3753

Key Information

GHSA ID

GHSA-97c7-jg3h-5vf5

Published

May 17, 2022 1:22 AM

Last Modified

May 17, 2022 1:22 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 31, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.