Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2022-48189

Disclosure Date: October 30, 2023 (last updated November 04, 2023)
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-2290

Disclosure Date: June 26, 2023 (last updated September 16, 2024)
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40134

Disclosure Date: January 30, 2023 (last updated October 08, 2023)
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-8323

Disclosure Date: June 09, 2020 (last updated November 28, 2024)
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-8320

Disclosure Date: June 09, 2020 (last updated November 28, 2024)
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-8336

Disclosure Date: June 09, 2020 (last updated November 28, 2024)
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0