2023-06-26
|
CVE-2023-2290
|
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.
|
Thinkpad_e14_firmware, Thinkpad_e14_gen_2_firmware, Thinkpad_e14_gen_4_firmware, Thinkpad_e15_firmware, Thinkpad_e15_gen_2_firmware, Thinkpad_e15_gen_4_firmware, Thinkpad_e490_firmware, Thinkpad_e490s_firmware, Thinkpad_e590_firmware, Thinkpad_l13_gen_3_firmware, Thinkpad_l13_yoga_gen_3_firmware, Thinkpad_l14_firmware, Thinkpad_l15_firmware, Thinkpad_l15_gen_2_firmware, Thinkpad_l15_gen_3_firmware, Thinkpad_l490_firmware, Thinkpad_l590_firmware, Thinkpad_p14s_gen_1_firmware, Thinkpad_p14s_gen_2_firmware, Thinkpad_p14s_gen_3_firmware, Thinkpad_p15_gen_1_firmware, Thinkpad_p15_gen_2_firmware, Thinkpad_p15s_gen_1_firmware, Thinkpad_p15s_gen_2_firmware, Thinkpad_p15v_gen_1_firmware, Thinkpad_p15v_gen_2_firmware, Thinkpad_p15v_gen_3_firmware, Thinkpad_p16_gen_1_firmware, Thinkpad_p16s_gen_1_firmware, Thinkpad_p17_gen_1_firmware, Thinkpad_p17_gen_2_firmware, Thinkpad_p1_gen_2_firmware, Thinkpad_p1_gen_3_firmware, Thinkpad_p1_gen_4_firmware, Thinkpad_p1_gen_5_firmware, Thinkpad_p43s_firmware, Thinkpad_p53_firmware, Thinkpad_p53s_firmware, Thinkpad_p73_firmware, Thinkpad_t14_gen_1_firmware, Thinkpad_t14_gen_2_firmware, Thinkpad_t14_gen_3_firmware, Thinkpad_t14s_firmware, Thinkpad_t14s_gen_2_firmware, Thinkpad_t14s_gen_3_firmware, Thinkpad_t15_firmware, Thinkpad_t15_gen_2_firmware, Thinkpad_t15g_gen_1_firmware, Thinkpad_t15g_gen_2_firmware, Thinkpad_t15p_gen_1_firmware, Thinkpad_t15p_gen_2_firmware, Thinkpad_t15p_gen_3_firmware, Thinkpad_t16_gen_1_firmware, Thinkpad_t490_firmware, Thinkpad_t490s_firmware, Thinkpad_t590_firmware, Thinkpad_thinkpad_r14_gen_2_firmware, Thinkpad_thinkpad_r14_gen_4_firmware, Thinkpad_thinkpad_s3_2nd_gen_firmware, Thinkpad_x12_detachable_gen_1_firmware, Thinkpad_x13_firmware, Thinkpad_x13_gen_2_firmware, Thinkpad_x13_gen_3_firmware, Thinkpad_x13_yoga_gen_1_firmware, Thinkpad_x13_yoga_gen_2_firmware, Thinkpad_x13_yoga_gen_3_firmware, Thinkpad_x1_carbon_10th_gen_firmware, Thinkpad_x1_carbon_7th_gen_firmware, Thinkpad_x1_carbon_8th_gen_firmware, Thinkpad_x1_carbon_9th_gen_firmware, Thinkpad_x1_extreme_2nd_gen_firmware, Thinkpad_x1_extreme_3rd_gen_firmware, Thinkpad_x1_extreme_4th_gen_firmware, Thinkpad_x1_extreme_gen_5_firmware, Thinkpad_x1_nano_gen_1_firmware, Thinkpad_x1_nano_gen_2_firmware, Thinkpad_x1_titanium_firmware, Thinkpad_x1_yoga_4th_gen_firmware, Thinkpad_x1_yoga_5th_gen_firmware, Thinkpad_x1_yoga_6th_gen_firmware, Thinkpad_x1_yoga_7th_gen_firmware, Thinkpad_x390_firmware, Thinkpad_x390_yoga_firmware, Thinkpad_z13_gen_1_firmware, Thinkpad_z16_gen_1_firmware
|
6.7
|
|
|
2023-10-09
|
CVE-2022-48182
|
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
|
Thinkpad_t14s_gen_3_firmware, Thinkpad_x13_gen_3_firmware
|
6.8
|
|
|
2023-10-09
|
CVE-2022-3728
|
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
|
Thinkpad_t14s_gen_3_firmware, Thinkpad_x13_gen_3_firmware
|
6.8
|
|
|
2023-10-09
|
CVE-2022-48183
|
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
|
Thinkpad_t14s_gen_3_firmware, Thinkpad_x13_gen_3_firmware
|
6.8
|
|
|
2023-10-30
|
CVE-2022-48189
|
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.
|
Thinkpad_e14_firmware, Thinkpad_e14_gen_2_firmware, Thinkpad_e14_gen_4_firmware, Thinkpad_e15_firmware, Thinkpad_e15_gen_2_firmware, Thinkpad_e15_gen_4_firmware, Thinkpad_e490_firmware, Thinkpad_e490s_firmware, Thinkpad_e590_firmware, Thinkpad_l13_gen_3_firmware, Thinkpad_l13_yoga_gen_3_firmware, Thinkpad_l14_firmware, Thinkpad_l15_firmware, Thinkpad_l15_gen_2_firmware, Thinkpad_l15_gen_3_firmware, Thinkpad_l490_firmware, Thinkpad_l590_firmware, Thinkpad_p14s_gen_1_firmware, Thinkpad_p14s_gen_2_firmware, Thinkpad_p14s_gen_3_firmware, Thinkpad_p15_gen_1_firmware, Thinkpad_p15_gen_2_firmware, Thinkpad_p15s_gen_1_firmware, Thinkpad_p15s_gen_2_firmware, Thinkpad_p15v_gen_1_firmware, Thinkpad_p15v_gen_2_firmware, Thinkpad_p15v_gen_3_firmware, Thinkpad_p16_gen_1_firmware, Thinkpad_p16s_gen_1_firmware, Thinkpad_p17_gen_1_firmware, Thinkpad_p17_gen_2_firmware, Thinkpad_p1_gen_2_firmware, Thinkpad_p1_gen_3_firmware, Thinkpad_p1_gen_4_firmware, Thinkpad_p1_gen_5_firmware, Thinkpad_p43s_firmware, Thinkpad_p53_firmware, Thinkpad_p53s_firmware, Thinkpad_p73_firmware, Thinkpad_t14_gen_1_firmware, Thinkpad_t14_gen_2_firmware, Thinkpad_t14_gen_3_firmware, Thinkpad_t14s_firmware, Thinkpad_t14s_gen_2_firmware, Thinkpad_t14s_gen_3_firmware, Thinkpad_t15_firmware, Thinkpad_t15_gen_2_firmware, Thinkpad_t15g_gen_1_firmware, Thinkpad_t15g_gen_2_firmware, Thinkpad_t15p_gen_1_firmware, Thinkpad_t15p_gen_2_firmware, Thinkpad_t15p_gen_3_firmware, Thinkpad_t16_gen_1_firmware, Thinkpad_t490_firmware, Thinkpad_t490s_firmware, Thinkpad_t590_firmware, Thinkpad_thinkpad_r14_gen_2_firmware, Thinkpad_thinkpad_r14_gen_4_firmware, Thinkpad_thinkpad_s3_2nd_gen_firmware, Thinkpad_x12_detachable_gen_1_firmware, Thinkpad_x13_firmware, Thinkpad_x13_gen_2_firmware, Thinkpad_x13_gen_3_firmware, Thinkpad_x13_yoga_gen_1_firmware, Thinkpad_x13_yoga_gen_2_firmware, Thinkpad_x13_yoga_gen_3_firmware, Thinkpad_x1_carbon_10th_gen_firmware, Thinkpad_x1_carbon_7th_gen_firmware, Thinkpad_x1_carbon_8th_gen_firmware, Thinkpad_x1_carbon_9th_gen_firmware, Thinkpad_x1_extreme_2nd_gen_firmware, Thinkpad_x1_extreme_3rd_gen_firmware, Thinkpad_x1_extreme_4th_gen_firmware, Thinkpad_x1_extreme_gen_5_firmware, Thinkpad_x1_nano_gen_1_firmware, Thinkpad_x1_nano_gen_2_firmware, Thinkpad_x1_titanium_firmware, Thinkpad_x1_yoga_4th_gen_firmware, Thinkpad_x1_yoga_5th_gen_firmware, Thinkpad_x1_yoga_6th_gen_firmware, Thinkpad_x1_yoga_7th_gen_firmware, Thinkpad_x390_firmware, Thinkpad_x390_yoga_firmware, Thinkpad_z13_gen_1_firmware, Thinkpad_z16_gen_1_firmware
|
6.7
|
|
|
2023-10-30
|
CVE-2022-4574
|
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.
|
Thinkpad_l14_firmware, Thinkpad_l14_gen_2_firmware, Thinkpad_l15_firmware, Thinkpad_l15_gen_2_firmware, Thinkpad_p14s_gen_1_firmware, Thinkpad_p14s_gen_2_firmware, Thinkpad_p14s_gen_3_firmware, Thinkpad_p15_gen_1_firmware, Thinkpad_p15_gen_2_firmware, Thinkpad_p15s_gen_1_firmware, Thinkpad_p15s_gen_2_firmware, Thinkpad_p15v_gen_1_firmware, Thinkpad_p15v_gen_2_firmware, Thinkpad_p15v_gen_3_firmware, Thinkpad_p16_gen_1_firmware, Thinkpad_p16s_gen_1_firmware, Thinkpad_p17_gen_1_firmware, Thinkpad_p17_gen_2_firmware, Thinkpad_p1_gen_3_firmware, Thinkpad_p1_gen_4_firmware, Thinkpad_p1_gen_5_firmware, Thinkpad_t14_gen_1_firmware, Thinkpad_t14_gen_2_firmware, Thinkpad_t14_gen_3_firmware, Thinkpad_t14s_firmware, Thinkpad_t14s_gen_2_firmware, Thinkpad_t14s_gen_3_firmware, Thinkpad_t15_gen_2_firmware, Thinkpad_t15g_gen_1_firmware, Thinkpad_t15g_gen_2_firmware, Thinkpad_t15p_gen_1_firmware, Thinkpad_t15p_gen_2_firmware, Thinkpad_t15p_gen_3_firmware, Thinkpad_t16_gen_1_firmware, Thinkpad_x13_firmware, Thinkpad_x13_gen_2_firmware, Thinkpad_x13_gen_3_firmware, Thinkpad_x13_yoga_gen_1_firmware, Thinkpad_x13_yoga_gen_2_firmware, Thinkpad_x1_carbon_10th_gen_firmware, Thinkpad_x1_carbon_7th_gen_firmware, Thinkpad_x1_carbon_8th_gen_firmware, Thinkpad_x1_carbon_9th_gen_firmware, Thinkpad_x1_extreme_3rd_gen_firmware, Thinkpad_x1_extreme_4th_gen_firmware, Thinkpad_x1_extreme_gen_5_firmware, Thinkpad_x1_fold_gen_1_firmware, Thinkpad_x1_nano_gen_1_firmware, Thinkpad_x1_nano_gen_2_firmware, Thinkpad_x1_titanium_firmware, Thinkpad_x1_yoga_4th_gen_firmware, Thinkpad_x1_yoga_5th_gen_firmware, Thinkpad_x1_yoga_6th_gen_firmware, Thinkpad_x1_yoga_7th_gen_firmware
|
6.7
|
|
|
2023-11-08
|
CVE-2023-5078
|
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
|
Thinkpad_l13_gen_2_firmware, Thinkpad_l13_gen_3_firmware, Thinkpad_l13_gen_4_firmware, Thinkpad_l13_yoga_gen_2_firmware, Thinkpad_l13_yoga_gen_3_firmware, Thinkpad_l13_yoga_gen_4_firmware, Thinkpad_l14_gen_3_firmware, Thinkpad_l14_gen_4_firmware, Thinkpad_l15_gen_3_firmware, Thinkpad_l15_gen_4_firmware, Thinkpad_p14s_gen_3_firmware, Thinkpad_p16s_gen_1_firmware, Thinkpad_s2_gen_8_firmware, Thinkpad_s2_yoga_gen_6_firmware, Thinkpad_s2_yoga_gen_7_firmware, Thinkpad_s2_yoga_gen_8_firmware, Thinkpad_t14_gen_3_firmware, Thinkpad_t14s_gen_3_firmware, Thinkpad_t16_gen_1_firmware, Thinkpad_x13_gen_3_firmware
|
6.7
|
|
|