2023-08-23
|
CVE-2022-3744
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3743
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
4.4
|
|
|
2023-08-23
|
CVE-2022-3742
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3746
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3745
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
4.4
|
|
|
2022-04-22
|
CVE-2021-4212
|
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.
|
C340\-14iml_firmware, C340\-15iml_firmware, D330\-10igm_firmware, Duet_3\-10igl5_firmware, E41\-50_firmware, Flex\-14iml_firmware, Flex\-15iml_firmware, Ideapad_3\-14are05_firmware, Ideapad_3\-15are05_firmware, Ideapad_3\-17are05_firmware, Ideapad_5\-14alc05_firmware, Ideapad_5\-14are05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_pro\-14acn6_firmware, Ideapad_5_pro\-14itl6_firmware, Ideapad_5_pro\-16ihu6_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15ach6_firmware, Ideapad_gaming_3\-15arh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L340\-15irh_firmware, L340\-15iwl_firmware, L340\-15iwl_touch_firmware, L340\-17irh_firmware, L340\-17iwl_firmware, Legion_y540\-15irh\-Pg0_firmware, Legion_y540\-15irh_firmware, Legion_y540\-17irh\-Pg0_firmware, Legion_y540\-17irh_firmware, Legion_y545\-Pg0_firmware, Legion_y545_firmware, Legion_y7000\-2019\-Pg0_firmware, Legion_y7000\-2019_firmware, S340\-13iml_firmware, S340\-14api_firmware, S340\-14iml_firmware, S340\-15api_firmware, S340\-15api_touch_firmware, S340\-15iml_firmware, S540\-14iml_firmware, S540\-14iml_touch_firmware, S540\-15iml_firmware, Slim_7\-14are05_firmware, Slim_7\-14itl05_firmware, Slim_7\-15iil05_firmware, Slim_7\-15imh05_firmware, Slim_7\-15itl05_firmware, Thinkbook_13x_itg_firmware, Thinkbook_14_g3_itl_firmware, Thinkbook_plus_g2_itg_firmware, V140\-15iwl_firmware, V14\-Are_firmware, V340\-17iwl_firmware, Yoga_6\-13alc6_firmware, Yoga_creator_7\-15imh05_firmware, Yoga_slim_7\-14are05_firmware, Yoga_slim_7\-14iil05_firmware, Yoga_slim_7\-14itl05_firmware, Yoga_slim_7\-15iil05_firmware, Yoga_slim_7\-15imh05_firmware, Yoga_slim_7\-15itl05_firmware, Yoga_slim_7_carbon_13itl5_firmware
|
6.7
|
|
|