Lenovo Thinkpad_e15_firmware
8 CVEs affecting Lenovo Thinkpad_e15_firmware. Latest disclosed: 2023-10-30. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-48189 | Medium | 6.7 | 2023-10-30 | An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute a… |
CVE-2021-3599 | Medium | 6.7 | 2021-11-12 | A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated… |
CVE-2023-2290 | Medium | 6.4 | 2023-06-26 | A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary co… |
CVE-2020-8336 | Medium | 6.4 | 2020-06-09 | Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash. |
CVE-2020-8323 | Medium | 6.4 | 2020-06-09 | A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow… |
CVE-2020-8320 | Medium | 6.4 | 2020-06-09 | An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. |
CVE-2022-40134 | Medium | 4.4 | 2023-01-30 | An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privilege… |
CVE-2021-3786 | Medium | 4.4 | 2021-11-12 | A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data o… |