MEDIUM🇬🇧 English

CVE-2022-48189

CVSS 6.7v3.1pub. 2023-10-30upd. 2024-11-21

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad E14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Firmware

    OS
    Lenovo
    < 1.23
  • Lenovo Thinkpad E14 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Gen 2 Firmware

    OS
    Lenovo
    < 1.55
  • Lenovo Thinkpad E14 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Gen 4 Firmware

    OS
    Lenovo
    < 1.18< 1.16
  • Lenovo Thinkpad E15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Firmware

    OS
    Lenovo
    < 1.23
  • Lenovo Thinkpad E15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Gen 2 Firmware

    OS
    Lenovo
    < 1.55
  • Lenovo Thinkpad E15 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Gen 4 Firmware

    OS
    Lenovo
    < 1.18< 1.16
  • Lenovo Thinkpad E490

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E490 Firmware

    OS
    Lenovo
    < 1.34
  • Lenovo Thinkpad E490s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E490s Firmware

    OS
    Lenovo
    < 1.34
  • Lenovo Thinkpad E590

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E590 Firmware

    OS
    Lenovo
    < 1.34
  • Lenovo Thinkpad L13 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 3 Firmware

    OS
    Lenovo
    < 1.14
  • Lenovo Thinkpad L13 Yoga Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 3 Firmware

    OS
    Lenovo
    < 1.14
  • Lenovo Thinkpad L14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Firmware

    OS
    Lenovo
    < 1.2< 1.3< 1.26
  • Lenovo Thinkpad L15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Firmware

    OS
    Lenovo
    < 1.2< 1.3
  • Lenovo Thinkpad L15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 2 Firmware

    OS
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 3 Firmware

    OS
    Lenovo
    < 1.26
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2023-3112HIGH7.8ten sam produkt

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an a...

CVE-2023-4030HIGH8.4ten sam produkt

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...

CVE-2019-18619HIGH7.8ten sam produkt

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4574MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...