MEDIUM🇵🇱 Wersja polska

CVE-2022-4574

CVSS 6.7v3.1pub. 2023-10-30upd. 2024-11-21

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.  

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad P14s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 1 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad P14s Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 2 Firmware

    OS
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P14s Gen 3 Firmware

    OS
    Lenovo
    < 1.31
  • Lenovo Thinkpad P15 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15 Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15 Gen 2 Firmware

    OS
    Lenovo
    < 1.25
  • Lenovo Thinkpad P15s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15s Gen 1 Firmware

    OS
    Lenovo
    < 1.28
  • Lenovo Thinkpad P15s Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15s Gen 2 Firmware

    OS
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P15v Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 2 Firmware

    OS
    Lenovo
    < 1.19
  • Lenovo Thinkpad P15v Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P15v Gen 3 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad P16 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P16 Gen 1 Firmware

    OS
    Lenovo
    < 1.17
  • Lenovo Thinkpad P16s Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P16s Gen 1 Firmware

    OS
    Lenovo
    < 1.31
  • Lenovo Thinkpad P17 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P17 Gen 1 Firmware

    OS
    Lenovo
    < 1.32
  • Lenovo Thinkpad P17 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P17 Gen 2 Firmware

    OS
    Lenovo
    < 1.25
  • Lenovo Thinkpad P1 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad P1 Gen 3 Firmware

    OS
    Lenovo
    < 1.27
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-3112HIGH7.8ten sam produkt

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an a...

CVE-2023-4030HIGH8.4ten sam produkt

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-48189MEDIUM6.7ten sam produkt

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...