2023-01-23
|
CVE-2022-3430
|
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
|
D330\-10igl_firmware, Ideapad_5_pro_16arh7_firmware, Ideapad_5_pro_16iah7_firmware, Ideapad_duet_3_10igl5_firmware, Ideapad_slim_7\-14iil05_firmware, Ideapad_slim_7\-14itl05_firmware, Ideapad_slim_7\-15iil05_firmware, Slim_7\-14are05_firmware, Slim_7\-15imh05_firmware, Slim_7\-15itl05_firmware, Slim_7_16arh7_firmware, Thinkbook_13x_itg_firmware, Thinkbook_14_g2_are_firmware, Thinkbook_14_g2_itl_firmware, Thinkbook_14_g3_acl_firmware, Thinkbook_14_g3_itl_firmware, Thinkbook_14_g4\+_ara_firmware, Thinkbook_14_g4\+_iap_firmware, Thinkbook_14p_g3_arh_firmware, Thinkbook_14s_yoga_itl_firmware, Thinkbook_15_g2_are_firmware, Thinkbook_15_g2_itl_firmware, Thinkbook_15_g3_acl_firmware, Thinkbook_15_g3_itl_firmware, Thinkbook_15_gd_aba_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imp_firmware, Thinkbook_16_g4\+_ara_firmware, Thinkbook_16_g4\+_iap_firmware, Thinkbook_16p_g3_arh_firmware, Thinkbook_16p_nx_arh_firmware, Thinkbook_plus_g2_itg_firmware, Thinkbook_plus_g3_iap_firmware, Yoga_creator_7\-15imh05_firmware, Yoga_duet_7\-13iml05_firmware, Yoga_duet_7\-13itl6\-Lte_firmware, Yoga_duet_7\-13itl6_firmware, Yoga_slim_7\-14are05_firmware, Yoga_slim_7\-14iil05_firmware, Yoga_slim_7\-14itl05_firmware, Yoga_slim_7\-15iil05_firmware, Yoga_slim_7\-15imh05_firmware, Yoga_slim_7\-15itl05_firmware, Yoga_slim_7_pro_16arh7_firmware
|
6.7
|
|
|
2023-08-17
|
CVE-2023-34419
|
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
|
Legion_5\-15ach6_firmware, Legion_5\-15ach6a_firmware, Legion_5\-15ach6h_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17ach6_firmware, Legion_5\-17ach6h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15arh7_firmware, Legion_5_15arh7h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ach6_firmware, Legion_5_pro\-16ach6h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16arh7_firmware, Legion_5_pro_16arh7h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_7\-16achg6_firmware, Legion_7\-16arha7_firmware, Legion_7\-16ithg6_firmware, Legion_pro_5_16irx8_firmware, Legion_pro_7_16irx8_firmware, Legion_pro_7_16irx8h_firmware, Legion_s7_16arha7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_16p_g3_arh_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3742
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3743
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
4.4
|
|
|
2023-08-23
|
CVE-2022-3744
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|
2023-08-23
|
CVE-2022-3745
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
4.4
|
|
|
2023-08-23
|
CVE-2022-3746
|
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.
|
Ideapad_1\-14ijl7_firmware, Ideapad_1\-15ijl7_firmware, Ideapad_1_14iau7_firmware, Ideapad_1_14igl7_firmware, Ideapad_1_15iau7_firmware, Ideapad_1_15igl7_firmware, Ideapad_3\-14igl05_firmware, Ideapad_3\-14iil05_firmware, Ideapad_3\-14iml05_firmware, Ideapad_3\-14itl05_firmware, Ideapad_3\-14itl6_firmware, Ideapad_3\-15igl05_firmware, Ideapad_3\-15iil05_firmware, Ideapad_3\-15iml05_firmware, Ideapad_3\-15itl05_firmware, Ideapad_3\-15itl6_firmware, Ideapad_3\-17iil05_firmware, Ideapad_3\-17iml05_firmware, Ideapad_3\-17itl6_firmware, Ideapad_3_14iau7_firmware, Ideapad_3_15iau7_firmware, Ideapad_3_17iau7_firmware, Ideapad_5\-15iil05_firmware, Ideapad_5\-15itl05_firmware, Ideapad_5_15ial7_firmware, Ideapad_creator_5\-15imh05_firmware, Ideapad_gaming_3\-15imh05_firmware, L3\-15iml05_firmware, L3\-15itl6_firmware, Legion_5\-15imh05_firmware, Legion_5\-15imh05h_firmware, Legion_5\-15imh6_firmware, Legion_5\-15ith6_firmware, Legion_5\-15ith6h_firmware, Legion_5\-17imh05_firmware, Legion_5\-17imh05h_firmware, Legion_5\-17ith6_firmware, Legion_5\-17ith6h_firmware, Legion_5_15iah7_firmware, Legion_5_15iah7h_firmware, Legion_5_pro\-16ith6_firmware, Legion_5_pro\-16ith6h_firmware, Legion_5_pro_16iah7_firmware, Legion_5_pro_16iah7h_firmware, Legion_5p\-15imh05_firmware, Legion_5p\-15imh05h_firmware, Legion_7\-16ithg6_firmware, Legion_7_16iax7_firmware, S14_g2_itl_firmware, S14_g3_iap_firmware, S540\-13itl_firmware, Slim_7_14iap7_firmware, Slim_7_carbon_13iap7_firmware, Slim_7_pro\-14ihu5_firmware, Slim_7_prox_14iah7_firmware, Slim_9\-14itl05_firmware, Slim_9_14iap7_firmware, Thinkbook_15p_g2_ith_firmware, Thinkbook_15p_imh_firmware, V14\-Igl_firmware, V14_g1\-Iml_firmware, V14_g2\-Itl_firmware, V14_g2_ijl_firmware, V14_g3_iap_firmware, V15\-Igl_firmware, V15_g1\-Iml_firmware, V15_g2\-Itl_firmware, V15_g2_ijl_firmware, V15_g3_iap_firmware, V17\-Iil_firmware, V17_g2\-Itl_firmware, V17_g3_iap_firmware, Yoga_7\-14itl5_firmware, Yoga_7\-15itl5_firmware, Yoga_7_14ial7_firmware, Yoga_7_16iah7_firmware, Yoga_7_16iap7_firmware, Yoga_9_14iap7_firmware, Yoga_slim_7_carbon_13iap7_firmware, Yoga_slim_7_pro\-14ihu5_firmware, Yoga_slim_7_pro\-14ihu5_o_firmware, Yoga_slim_7_pro\-14itl5_firmware, Yoga_slim_7_pro_14iah7_firmware, Yoga_slim_7_pro_14iap7_firmware, Yoga_slim_7_prox_14iah7_firmware, Yoga_slim_9\-14itl05_firmware, Yoga_slim_9_14iap7_firmware
|
6.7
|
|
|