How severe is CVE-2016-8222?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2016-8222?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2016-8222 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.

Related Vulnerabilities

CVE-2015-2008

MEDIUM

CVSS:4.4(Medium)

IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.6 includes SSH private keys during backup operations, which allows remote authenticated administrators to obtain sensitive i...

CWE-2842015

CVE-2016-10549

MEDIUM

CVSS:4.4(Medium)

Sails is an MVC style framework for building realtime web applications. Version 0.12.7 and lower have an issue with the CORS configuration where the value of the origin header is reflected as the valu...

CWE-2842016

CVE-2017-18457

MEDIUM

CVSS:4.4(Medium)

cPanel before 62.0.17 allows arbitrary file-read operations via WHM /styled/ URLs (SEC-218).

CWE-2842017

CVE-2019-15967

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. T...

CWE-2842019

CVE-2020-7253

MEDIUM

CVSS:4.4(Medium)

Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line ut...

CWE-2842020

CVE-2021-1583

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local ...

CWE-2842021