A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkpad E14
HWLenovowszystkie wersjeLenovo Thinkpad E14 Firmware
OSLenovo1.23Lenovo Thinkpad E14 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad E14 Gen 2 Firmware
OSLenovo1.55Lenovo Thinkpad E14 Gen 4
HWLenovowszystkie wersjeLenovo Thinkpad E14 Gen 4 Firmware
OSLenovo1.161.18Lenovo Thinkpad E15
HWLenovowszystkie wersjeLenovo Thinkpad E15 Firmware
OSLenovo1.23Lenovo Thinkpad E15 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad E15 Gen 2 Firmware
OSLenovo1.55Lenovo Thinkpad E15 Gen 4
HWLenovowszystkie wersjeLenovo Thinkpad E15 Gen 4 Firmware
OSLenovo1.161.18Lenovo Thinkpad E490
HWLenovowszystkie wersjeLenovo Thinkpad E490 Firmware
OSLenovo1.34Lenovo Thinkpad E490s
HWLenovowszystkie wersjeLenovo Thinkpad E490s Firmware
OSLenovo1.34Lenovo Thinkpad E590
HWLenovowszystkie wersjeLenovo Thinkpad E590 Firmware
OSLenovo1.34Lenovo Thinkpad L13 Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad L13 Gen 3 Firmware
OSLenovo1.14Lenovo Thinkpad L13 Yoga Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad L13 Yoga Gen 3 Firmware
OSLenovo1.14Lenovo Thinkpad L14
HWLenovowszystkie wersjeLenovo Thinkpad L14 Firmware
OSLenovo1.21.261.31.481.61Lenovo Thinkpad L15
HWLenovowszystkie wersjeLenovo Thinkpad L15 Firmware
OSLenovo1.21.3Lenovo Thinkpad L15 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad L15 Gen 2 Firmware
OSLenovo1.481.61Lenovo Thinkpad L15 Gen 3
HWLenovowszystkie wersjeLenovo Thinkpad L15 Gen 3 Firmware
OSLenovo1.26
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2023-4030HIGH8.4ten sam produkt
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...
CVE-2019-18619HIGH7.8ten sam produkt
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...
CVE-2023-5078MEDIUM6.7ten sam produkt
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...
CVE-2022-4574MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...
CVE-2022-48189MEDIUM6.7ten sam produkt
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...