An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkpad X1 Fold Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad X1 Fold Gen 1 Firmware
OSLenovowszystkie wersje
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2022-4574MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...
CVE-2022-1108MEDIUM6.7ten sam produkt
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in T...
CVE-2021-3599MEDIUM6.7ten sam produkt
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may...
CVE-2021-3786MEDIUM4.4ten sam produkt
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ...
CVE-2021-3843MEDIUM6.7ten sam produkt
A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker w...