CVE-2025-4426 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Insyde	CNA	6 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Vulnerability Media Exposure

[GERMAN] Insyde BIOS (Lenovo): Mehrere Schwachstellen
Ein lokaler Angreifer mit hohen Rechten kann mehrere Schwachstellen in der Insyde UEFI Firmware und dem Lenovo BIOS ausnutzen, um beliebigen Code auszuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben oder nicht spezifizierte Angriffe durchzuführen.
Published: 2025-07-29T22:00:00+00:00

References

https://support.lenovo.com/us/en/product_security/home

https://www.insyde.com/security-pledge/sa-2025007/