MEDIUM🇬🇧 English

CVE-2022-48188

CVSS 6.7v3.1pub. 2023-06-05upd. 2024-11-21

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Ideacentre 510s 07icb

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre 510s 07icb Firmware

    OS
    Lenovo
    < m22kt48a< m22kt49a
  • Lenovo Ideacentre 510s 07ick

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre 510s 07ick Firmware

    OS
    Lenovo
    < m30kt28a< m1zkt40a
  • Lenovo Ideacentre 720 18apr

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre 720 18apr Firmware

    OS
    Lenovo
    < m25kt63a
  • Lenovo Ideacentre Aio 3 21itl7

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre Aio 3 21itl7 Firmware

    OS
    Lenovo
    < o5akt33
  • Lenovo Ideacentre Aio 3 22itl6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre Aio 3 22itl6 Firmware

    OS
    Lenovo
    < o5akt33
  • Lenovo Ideacentre Aio 3 24itl6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre Aio 3 24itl6 Firmware

    OS
    Lenovo
    < o5akt33
  • Lenovo Ideacentre Aio 3 27itl6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Ideacentre Aio 3 27itl6 Firmware

    OS
    Lenovo
    < o5akt33
  • Lenovo Thinkcentre M720e

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M720e Firmware

    OS
    Lenovo
    < m1zkt40a
  • Lenovo Thinkcentre M720q

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M720q Firmware

    OS
    Lenovo
    < m1ukt70a
  • Lenovo Thinkcentre M720s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M720s Firmware

    OS
    Lenovo
    < m1ukt70a
  • Lenovo Thinkcentre M720t

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M720t Firmware

    OS
    Lenovo
    < m1ukt70a
  • Lenovo Thinkcentre M725s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M725s Firmware

    OS
    Lenovo
    < m25kt63a
  • Lenovo Thinkcentre M75s Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M75s Gen 2 Firmware

    OS
    Lenovo
    < m3bkt30a< m46kt30a
  • Lenovo Thinkcentre M75t Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M75t Gen 2 Firmware

    OS
    Lenovo
    < m46kt30a< m3akt4ca
  • Lenovo Thinkcentre M920q

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkcentre M920q Firmware

    OS
    Lenovo
    < m1ukt70a
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2019-6188CRITICAL9.8ten sam produkt

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T460p, BIOS versions up to R07ET90W, ...

CVE-2019-0130HIGH7.4ten sam produkt

Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0....

CVE-2019-0135HIGH7.8ten sam produkt

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version...

CVE-2023-43567MEDIUM6.7ten sam produkt

A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may al...

CVE-2023-43568MEDIUM4.4ten sam produkt

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may a...