Lenovo Thinkpad Bios
10 CVEs affecting Lenovo Thinkpad Bios. Latest disclosed: 2023-11-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-5078 | Medium | 6.7 | 2023-11-08 | A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware. |
CVE-2022-4575 | Medium | 6.7 | 2023-10-30 | A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or l… |
CVE-2022-48189 | Medium | 6.7 | 2023-10-30 | An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute a… |
CVE-2022-4574 | Medium | 6.7 | 2023-10-30 | An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute… |
CVE-2022-1108 | Medium | 6.7 | 2022-04-22 | A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an at… |
CVE-2022-1107 | Medium | 6.7 | 2022-04-22 | During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad… |
CVE-2021-3843 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execu… |
CVE-2021-3599 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated… |
CVE-2021-3452 | Medium | 6.7 | 2021-07-16 | A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges… |
CVE-2021-3718 | Medium | 4.3 | 2021-11-12 | A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BI… |