MEDIUM🇵🇱 Wersja polska

CVE-2023-2290

CVSS 6.4v3.1pub. 2023-06-26upd. 2024-11-21

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad E14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Firmware

    OS
    Lenovo
    1.23
  • Lenovo Thinkpad E14 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Gen 2 Firmware

    OS
    Lenovo
    1.55
  • Lenovo Thinkpad E14 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E14 Gen 4 Firmware

    OS
    Lenovo
    1.161.18
  • Lenovo Thinkpad E15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Firmware

    OS
    Lenovo
    1.23
  • Lenovo Thinkpad E15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Gen 2 Firmware

    OS
    Lenovo
    1.55
  • Lenovo Thinkpad E15 Gen 4

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E15 Gen 4 Firmware

    OS
    Lenovo
    1.161.18
  • Lenovo Thinkpad E490

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E490 Firmware

    OS
    Lenovo
    1.34
  • Lenovo Thinkpad E490s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E490s Firmware

    OS
    Lenovo
    1.34
  • Lenovo Thinkpad E590

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad E590 Firmware

    OS
    Lenovo
    1.34
  • Lenovo Thinkpad L13 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 3 Firmware

    OS
    Lenovo
    1.14
  • Lenovo Thinkpad L13 Yoga Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 3 Firmware

    OS
    Lenovo
    1.14
  • Lenovo Thinkpad L14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Firmware

    OS
    Lenovo
    1.21.261.31.481.61
  • Lenovo Thinkpad L15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Firmware

    OS
    Lenovo
    1.21.3
  • Lenovo Thinkpad L15 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 2 Firmware

    OS
    Lenovo
    1.481.61
  • Lenovo Thinkpad L15 Gen 3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Gen 3 Firmware

    OS
    Lenovo
    1.26
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-4030HIGH8.4ten sam produkt

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could ...

CVE-2019-18619HIGH7.8ten sam produkt

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4574MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...

CVE-2022-48189MEDIUM6.7ten sam produkt

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with ...