An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkpad P14s Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P14s Gen 1 Firmware
OSLenovo< 1.28Lenovo Thinkpad P14s Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad P14s Gen 2 Firmware
OSLenovowszystkie wersjeLenovo Thinkpad P14s Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad P14s Gen 3 Firmware
OSLenovo< 1.31Lenovo Thinkpad P15 Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P15 Gen 1 Firmware
OSLenovo< 1.32Lenovo Thinkpad P15 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad P15 Gen 2 Firmware
OSLenovo< 1.25Lenovo Thinkpad P15s Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P15s Gen 1 Firmware
OSLenovo< 1.28Lenovo Thinkpad P15s Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad P15s Gen 2 Firmware
OSLenovowszystkie wersjeLenovo Thinkpad P15v Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P15v Gen 1 Firmware
OSLenovo< 1.32Lenovo Thinkpad P15v Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad P15v Gen 2 Firmware
OSLenovo< 1.19Lenovo Thinkpad P15v Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad P15v Gen 3 Firmware
OSLenovo< 1.15Lenovo Thinkpad P16 Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P16 Gen 1 Firmware
OSLenovo< 1.17Lenovo Thinkpad P16s Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P16s Gen 1 Firmware
OSLenovo< 1.31Lenovo Thinkpad P17 Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad P17 Gen 1 Firmware
OSLenovo< 1.32Lenovo Thinkpad P17 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad P17 Gen 2 Firmware
OSLenovo< 1.25Lenovo Thinkpad P1 Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad P1 Gen 3 Firmware
OSLenovo< 1.27
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Powiązane podatności
CVE-2023-3112HIGH7.8ten sam produkt
A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an a...
CVE-2023-4030HIGH8.4ten sam produkt
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...
CVE-2023-5078MEDIUM6.7ten sam produkt
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...
CVE-2022-48189MEDIUM6.7ten sam produkt
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...
CVE-2022-4573MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...