A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HLenovo Thinkpad 11e 3rd Gen
HWLenovowszystkie wersjeLenovo Thinkpad 11e 3rd Gen Firmware
OSLenovo≤ 1.22≤ 1.29Lenovo Thinkpad 11e 4th Gen Celeron
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen Celeron Firmware
OSLenovo≤ 1.27Lenovo Thinkpad 11e 4th Gen I3
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I3 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 4th Gen I5
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I5 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 4th Gen I7
HWLenovowszystkie wersjeLenovo Thinkpad 11e 4th Gen I7 Firmware
OSLenovo≤ 1.22Lenovo Thinkpad 11e 5th Gen
HWLenovowszystkie wersjeLenovo Thinkpad 11e 5th Gen Firmware
OSLenovo≤ 1.13Lenovo Thinkpad 11e Yoga Gen 6
HWLenovowszystkie wersjeLenovo Thinkpad 11e Yoga Gen 6 Firmware
OSLenovo≤ 1.12Lenovo Thinkpad 13 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad 13 Gen 2 Firmware
OSLenovo≤ 1.29Lenovo Thinkpad L13
HWLenovowszystkie wersjeLenovo Thinkpad L13 Firmware
OSLenovo≤ 1.31Lenovo Thinkpad L13 Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad L13 Gen 2 Firmware
OSLenovo≤ 1.11≤ 1.08Lenovo Thinkpad L13 Yoga
HWLenovowszystkie wersjeLenovo Thinkpad L13 Yoga Firmware
OSLenovo≤ 1.31Lenovo Thinkpad L13 Yoga Gen 2
HWLenovowszystkie wersjeLenovo Thinkpad L13 Yoga Gen 2 Firmware
OSLenovo≤ 1.08≤ 1.11Lenovo Thinkpad L14
HWLenovowszystkie wersjeLenovo Thinkpad L14 Firmware
OSLenovo< 1.20.1.17Lenovo Thinkpad L14 Gen 1
HWLenovowszystkie wersjeLenovo Thinkpad L14 Gen 1 Firmware
OSLenovo< 1.15Lenovo Thinkpad L15
HWLenovowszystkie wersjeLenovo Thinkpad L15 Firmware
OSLenovo< 1.20.1.17
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
Powiązane podatności
CVE-2017-3767HIGH7.8ten sam produkt
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....
CVE-2023-5078MEDIUM6.7ten sam produkt
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...
CVE-2022-4574MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...
CVE-2022-4573MEDIUM6.7ten sam produkt
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...
CVE-2022-4575MEDIUM6.7ten sam produkt
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad ...