MEDIUM🇵🇱 Wersja polska

CVE-2022-1107

CVSS 6.7v3.1pub. 2022-04-22upd. 2024-11-21

During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad 11e

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e Firmware

    OS
    Lenovo
    < n15et78w
  • Lenovo Thinkpad 11e Yoga

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e Yoga Firmware

    OS
    Lenovo
    < n15et78w
  • Lenovo Thinkpad Helix

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad Helix Firmware

    OS
    Lenovo
    < n17eta8w
  • Lenovo Thinkpad L560

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L560 Firmware

    OS
    Lenovo
    < n1het85w
  • Lenovo Thinkpad L570

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L570 Firmware

    OS
    Lenovo
    < n1xet65w
  • Lenovo Thinkpad P50s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P50s Firmware

    OS
    Lenovo
    < n1ket46w
  • Lenovo Thinkpad P51s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P51s Firmware

    OS
    Lenovo
    < n1vet50w
  • Lenovo Thinkpad P52s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P52s Firmware

    OS
    Lenovo
    < n27et36w
  • Lenovo Thinkpad S540

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad S540 Firmware

    OS
    Lenovo
    < gpet80ww
  • Lenovo Thinkpad T550

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T550 Firmware

    OS
    Lenovo
    < n11et50w
  • Lenovo Thinkpad T560

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T560 Firmware

    OS
    Lenovo
    < n1ket46w
  • Lenovo Thinkpad T570

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T570 Firmware

    OS
    Lenovo
    < n1vet50w
  • Lenovo Thinkpad T580

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T580 Firmware

    OS
    Lenovo
    < n27et36w
  • Lenovo Thinkpad W540

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad W540 Firmware

    OS
    Lenovo
    < gnet92ww
  • Lenovo Thinkpad W541

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad W541 Firmware

    OS
    Lenovo
    < gnet92ww
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-18619HIGH7.8ten sam produkt

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...

CVE-2018-16098HIGH7.8ten sam produkt

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics...

CVE-2017-3767HIGH7.8ten sam produkt

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....

CVE-2022-4575MEDIUM6.7ten sam produkt

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad ...

CVE-2021-3599MEDIUM6.7ten sam produkt

A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may...