Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-26	CVE-2023-2993	Improper Preservation of Permissions vulnerability in Lenovo products A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute. network low complexity lenovo CWE-281	6.3