MEDIUM🇵🇱 Wersja polska

CVE-2023-4029

CVSS 6.7v3.1pub. 2023-08-17upd. 2024-11-21

A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo K14 Type 21cu

    HW
    Lenovo
    wszystkie wersje
  • Lenovo K14 Type 21cu Firmware

    OS
    Lenovo
    < 1.12
  • Lenovo K14 Type 21cv

    HW
    Lenovo
    wszystkie wersje
  • Lenovo K14 Type 21cv Firmware

    OS
    Lenovo
    < 1.12
  • Lenovo Thinkpad E14 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Gen 3 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad E15 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Gen 3 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad L13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 2 Firmware

    OS
    Lenovo
    < 1.30
  • Lenovo Thinkpad L13 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 3 Firmware

    OS
    Lenovo
    < 1.19
  • Lenovo Thinkpad L13 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 4 Firmware

    OS
    Lenovo
    < 1.10
  • Lenovo Thinkpad L13 Yoga Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 2 Firmware

    OS
    Lenovo
    < 1.30
  • Lenovo Thinkpad L13 Yoga Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 3 Firmware

    OS
    Lenovo
    < 1.19
  • Lenovo Thinkpad L13 Yoga Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 4 Firmware

    OS
    Lenovo
    < 1.10
  • Lenovo Thinkpad L14 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Gen 2 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad L14 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Gen 3 Firmware

    OS
    Lenovo
    < 1.23
  • Lenovo Thinkpad L14 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Gen 4 Firmware

    OS
    Lenovo
    < 1.06
  • Lenovo Thinkpad L15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 2 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad L15 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 3 Firmware

    OS
    Lenovo
    < 1.23
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2023-4030HIGH8.4ten sam produkt

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4574MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...

CVE-2022-48189MEDIUM6.7ten sam produkt

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...

CVE-2023-2290MEDIUM6.4ten sam produkt

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local acces...