CVE-2023-0683 Information

Description

A valid authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call.

Reference

https://support.lenovo.com/us/en/product_security/LEN-99936