MEDIUM🇬🇧 English

CVE-2022-4574

CVSS 6.7v3.1pub. 2023-10-30upd. 2024-11-21

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.  

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad P14s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 1 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad P14s Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 2 Firmware

    OS
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 3 Firmware

    OS
    Lenovo
    < 1.31
  • Lenovo Thinkpad P15 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15 Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15 Gen 2 Firmware

    OS
    Lenovo
    < 1.25
  • Lenovo Thinkpad P15s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15s Gen 1 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad P15s Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15s Gen 2 Firmware

    OS
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P15v Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 2 Firmware

    OS
    Lenovo
    < 1.19
  • Lenovo Thinkpad P15v Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 3 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad P16 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P16 Gen 1 Firmware

    OS
    Lenovo
    < 1.17
  • Lenovo Thinkpad P16s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P16s Gen 1 Firmware

    OS
    Lenovo
    < 1.31
  • Lenovo Thinkpad P17 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P17 Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P17 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P17 Gen 2 Firmware

    OS
    Lenovo
    < 1.25
  • Lenovo Thinkpad P1 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P1 Gen 3 Firmware

    OS
    Lenovo
    < 1.27
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2023-3112HIGH7.8ten sam produkt

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an a...

CVE-2023-4030HIGH8.4ten sam produkt

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-48189MEDIUM6.7ten sam produkt

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...