Search criteria
6 vulnerabilities found for ideapad_5_pro-16ihu6_firmware by lenovo
FKIE_CVE-2022-3431
Vulnerability from fkie_nvd - Published: 2023-10-09 19:15 - Updated: 2024-11-21 07:19
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_creator_5-16ach6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7428DDA8-7629-4AF8-8DAA-7A49FF9D6DA1",
"versionEndExcluding": "gscn34ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_creator_5-16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90031C15-00A0-40F8-A98B-DDFA3F79D247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ihu6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFB4225-D28D-4C3B-BB03-349B966CCFCF",
"versionEndExcluding": "grcn22ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ihu6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC34C489-CC06-41DF-91C8-2919B9770E78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ach6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD22DD91-73C6-4982-9424-6C3AA1D52EA6",
"versionEndExcluding": "gscn34ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F160EE76-3FF4-42EB-94DE-4FEFCCEE54C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13itl05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09F8B96E-197D-4E6C-B766-EFB312705CA0",
"versionEndExcluding": "f7cn39ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6E471A-EB31-46FE-944E-F48397F57E13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13acn05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBDE114-7FCF-4C49-A8F6-E20B25736454",
"versionEndExcluding": "ghcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13acn05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAF0D1D-070A-401E-B5B3-F3BCDD1860F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16arh7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "650BA4E3-7255-4AE1-B192-58C45166039F",
"versionEndExcluding": "klcn15ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "620ACBF6-93BA-47B8-8AA6-974D81473171",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "851B51FB-DEFB-4E55-8114-BA49BEF8DFDC",
"versionEndExcluding": "hucn16ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BEB08B-768F-4BFC-819B-B8A1DD01431F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_carbon_13itl5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63C58648-9441-450E-BFFF-874781D29BC5",
"versionEndExcluding": "f7cn39ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_carbon_13itl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "978E1E13-8918-41D0-985C-53904CE0EC16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6-lte_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72679907-6E23-4BE7-809B-824B2E16D0EA",
"versionEndExcluding": "gpcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6-lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72782D1B-DFFB-4F78-AA4F-C10AEF277D2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853F9F82-3DF5-4D6B-A3BD-410AFD9BD7F1",
"versionEndExcluding": "gpcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02CB1D39-F031-4AF9-88FE-E0E8E0A38768",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13iml05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E799EC61-46FC-46B1-B27C-67D472AEC947",
"versionEndExcluding": "ercn30ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13iml05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCE2EC8-8384-4DE1-9B45-AECB510D0B1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g3_iap_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA39607-1264-4595-8BF2-A03FEE46A677",
"versionEndExcluding": "k6cn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g3_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8480B3A8-6F19-4C01-A5E8-B141DA845E4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g2_itg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9DA7E8-963A-4845-A1A5-33FCD953F7AB",
"versionEndExcluding": "gycn31ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g2_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D725D6F-60A7-4BEE-A19F-AF6CEEE46FE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_16p_nx_arh_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6219BA17-B4B5-476A-A583-0A1A7C724E69",
"versionEndExcluding": "kjcn27ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_16p_nx_arh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21184FF-7B12-4422-A819-C0836777283B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_iap_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4405421-414E-4BAC-8E9F-E99B398BF0CD",
"versionEndExcluding": "hycn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA6832-49E6-4FFB-B49B-5ED528C8DC26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_ara_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30656321-CDEC-4078-BD88-AF6074D42F48",
"versionEndExcluding": "j6cn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_ara:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4062B850-7517-41A1-BA85-CEA38520B324",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_iap_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D008FDCD-FD4E-4DE7-8AF7-8982E2360E68",
"versionEndExcluding": "hycn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE24BE8-EFD8-417E-9059-3844E1526F32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_ara_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA85A21-27F0-4867-91D4-377EFD9A91CE",
"versionEndExcluding": "j6cn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_ara:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B69C2C6D-E963-48F9-A91D-FC850A5C05DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13x_itg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA24E6D-72F4-44A0-B7E2-378CC6260549",
"versionEndExcluding": "hlcn30ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13x_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09B30D44-B6FB-4824-BC6A-24307D8F7439",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C398C8-388E-4622-B211-CB51120D8933",
"versionEndExcluding": "hucn16ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_7_pro_16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9378A311-DA4E-4452-8C0A-337F2375F948",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s540-15iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7654476D-65DA-495F-91F2-A59A6C840F51",
"versionEndExcluding": "cncn22ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s540-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78A9FC30-244F-441E-950E-2FDBFC520133",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7_16arh7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC68F2A8-9976-4157-9926-1F398584C0EB",
"versionEndExcluding": "klcn15ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF0DB00-37E3-48C9-8229-59422C95C937",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_duet_3_10igl5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12037F5F-401A-4E68-92A8-922A5CA9BD63",
"versionEndExcluding": "eqcn37ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_duet_3_10igl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6ED2CCF-A6BB-45C8-B729-31241AA7254A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro_16arh7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9E07F2-CCDE-4B45-9B04-7691D1869C1C",
"versionEndExcluding": "j4cn33ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33034E99-8CA2-4736-91F6-8E42181E9AF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:d330-10igl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93B3E734-67AE-498C-9808-70D5F07161EE",
"versionEndExcluding": "g0cn11ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:d330-10igl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBE774E-04D0-46DE-8F9C-D4B9380BD1BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."
},
{
"lang": "es",
"value": "Una vulnerabilidad potencial en un driver utilizado durante el proceso de fabricaci\u00f3n de algunos dispositivos de consumo Lenovo Notebook que no se desactiv\u00f3 por error, puede permitir que un atacante con privilegios elevados modifique la configuraci\u00f3n de arranque seguro modificando una variable de la NVRAM."
}
],
"id": "CVE-2022-3431",
"lastModified": "2024-11-21T07:19:30.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-09T19:15:09.987",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-4212
Vulnerability from fkie_nvd - Published: 2022-04-22 21:15 - Updated: 2024-11-21 06:37
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@lenovo.com | https://support.lenovo.com/us/en/product_security/LEN-77639 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/LEN-77639 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:c340-14iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2A14D6-1D26-4D4A-86A0-46FCFB518526",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:c340-14iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86569D76-4615-4865-8048-31FDD811A7A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:c340-15iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61ACF05D-A000-4ABD-94C8-C006B9EDC5C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:c340-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "175478C0-451F-4E13-B5A1-2D2D67399151",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:d330-10igm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD1DC59-6886-47EF-AE4F-A43C92A06FC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:d330-10igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3218C6-E262-4611-82FC-FC657EC3B6B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:duet_3-10igl5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C36245B2-3F2E-4D0E-9D8B-D925A42C5F6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:duet_3-10igl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A514B4D-BA44-458F-AE69-2C5C65B92F9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:e41-50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "335A408F-3CD0-4C58-A7BC-C7529ACD1AB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e41-50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD139448-D942-429B-AE57-8E1EE366DAAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex-14iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE24D15-0924-4F5A-9DCB-FDAC6C63F382",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex-14iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5686ED1-9C64-4820-AC41-E67FFED65E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex-15iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E247AF26-6B3E-49BD-B558-63903091C033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8890AFC-7325-4FE4-B915-BC76CE328D8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-14are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C17E5A3D-03B1-450A-8AC7-AA0F622262EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-14are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2410C3-1678-48B3-9004-7CD6EF7F8F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-15are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2A97C2-4D5C-4C65-B1A0-9FB1A68E2E26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-15are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27480F74-6D81-4DF8-8D3C-DD88C11069D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-17are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1693CDC4-60B1-4AFD-B03E-07F86D37E642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-17are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58641B0C-8D1B-4782-BF2C-42D6430D8B4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5-14alc05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "176A58B7-0629-4CF2-9672-0CADDA29DDEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5-14alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F28F9DF-1C9E-463F-BF4F-F1E8CCA43906",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5-14are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC112C-025A-48C0-BAC9-BE2400C54AA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5-14are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1561A7E5-0DDD-4D6F-AEAE-6CA9ACEA08A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5-15itl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1524C54A-7A4A-40FA-93B5-937D25DA3781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5-15itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A013FB04-A9C0-450A-9AE5-5BC343332E97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-14acn6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF078A07-1C95-4B8B-B6E5-C34BAC155487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-14acn6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D72D9A-2D3A-4CAA-8B10-95793994936D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-14itl6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3C00F7-E5AE-4E37-B6F0-8A36A222258C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-14itl6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F708E90-9BB0-4ABD-94A6-F9C6F4CB2F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ihu6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ECD865-E643-434B-A334-165D184F310B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ihu6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC34C489-CC06-41DF-91C8-2919B9770E78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_creator_5-15imh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2DCDDF-A7FC-4309-B8A0-8E346477E679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_creator_5-15imh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B321E545-1C60-43C4-B594-4BE8E80D0850",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_gaming_3-15ach6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA4B4FAC-1BA5-4694-A4DE-6A827B148BEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_gaming_3-15ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1453A9-AA67-4512-94FC-A23A5D0220F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_gaming_3-15arh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA6107B-0ABF-4191-95B7-6A274234DE87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_gaming_3-15arh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D871B4FF-5FCD-4085-83B4-DCC5144891DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_gaming_3-15imh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1124E810-109C-4A51-A6BC-C531ED458D9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_gaming_3-15imh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E956C347-1786-4BBB-8E07-1F173E3641B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:l340-15irh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66EF091D-DFE5-4376-BEF2-EDB789A7EFDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l340-15irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA2D4439-4A8B-4408-BF8D-1AE9C06DBB64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:l340-15iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6095CD-1598-453A-97A4-E75D512EB734",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l340-15iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCF37C8-1876-48B1-9DCC-2A55F05D78DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:l340-15iwl_touch_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46899B35-25DF-4993-B604-CE8FFF90BADC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l340-15iwl_touch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BFDE87-F058-4498-9452-F91BEB77481B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:l340-17irh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E85A0E73-E0EA-4DBB-8129-CB6BEAEA1F96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l340-17irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84098C75-DC85-43BD-8F39-3CFC4096A1C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:l340-17iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F39261AB-83EC-41E8-8C8A-7095CBAC22B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l340-17iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF850EBE-0DAA-4C7F-9483-1DEDC733CBB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y540-15irh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08491697-197C-44FA-8736-7ECE61496F25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y540-15irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A777FA6-182B-4C21-B599-54FC92CFB71C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y540-15irh-pg0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1B0C764-0175-4197-B2E6-E6F305F77A7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y540-15irh-pg0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3358F8B-BE79-4C57-BFA1-4324EF5DFA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y540-17irh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E17AAF3B-C9CB-4674-B4F4-401089E3657A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y540-17irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C86B6C31-5565-47A2-A6F7-AAFC3E1C6497",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y540-17irh-pg0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "941FC2CF-152A-4F22-B285-BC1F55A75999",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y540-17irh-pg0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20949554-72A0-400B-9C69-B6F11DE164A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y545_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E06131BF-C699-4966-A60E-3B6B51A85F5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y545:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAEDAFC-9C00-47F5-BE2F-67458489D136",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y545-pg0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC2BD60-5807-417F-B114-B6352A67F05B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y545-pg0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98DD03A0-162E-4393-B3C1-F6CF243FB20C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y7000-2019_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D694F3B-10D3-42E8-B55C-572AA5180FD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y7000-2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9613293D-C5E1-485C-8024-B73A095FBF96",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_y7000-2019-pg0_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "776E907F-04DE-45F1-8E9B-B3370A992032",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_y7000-2019-pg0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D4C41-A7F4-4AC3-B250-CBADD178114A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-13iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6EA77A-7C77-4DA9-A50B-E5C156ECF13A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC243A6F-9ADB-4E51-926C-3D4BAAEBA89A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-14api_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "330B2F2E-B2E1-4743-9EF4-1F5FAD1FDF67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-14api:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACD0C61-89CF-4588-BC80-CC24D9265C15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-14iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B78BDC8-2A84-4E3A-8B0E-B8C8044E5E4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-14iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC0341E8-8B3C-4E97-91DB-770DB209051C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-15api_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E2146E-B496-46CB-A62C-6F4C4A8B0DEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-15api:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC87B62-12CB-4752-B1CB-3E4B47A522BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-15api_touch_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E68CDAC2-8CBE-47D1-A682-86A2A529A611",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-15api_touch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C94E1749-1F0E-40A2-81EF-643E99CB1228",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s340-15iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36DC5792-476C-4543-A39C-A58D411334F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s340-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4FB530-2AF5-486A-B034-53393D212D6A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s540-14iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19439C38-0EB0-462B-A4E2-0A5824A2411B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s540-14iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6782E331-9442-4B57-A32F-AA48511AD1A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s540-14iml_touch_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC81AD5-3344-460B-999D-03664921CF6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s540-14iml_touch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5692AF4D-1802-49C6-AF24-0A875A83DBB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s540-15iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "030E3040-E5B9-451A-A08E-63312562B74B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s540-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78A9FC30-244F-441E-950E-2FDBFC520133",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7-14are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14C4C172-E856-43D2-918D-E5FC98E98F40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7-14are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4DB03-5565-4643-8C54-CC0990F09108",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7-14itl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A02F7B5-638A-46A3-A55B-8A2147D4D5FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7-14itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "519C6C3A-4A67-4EAE-A588-67B423CC87EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7-15iil05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "926D017D-A1FF-4A62-B33F-931F64750336",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7-15iil05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "981F4EC1-AD4D-4B85-960F-882ABBE2A90A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7-15imh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C98D0D-36E6-4F23-9EAC-F1743C87F561",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7-15imh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9240B1F9-5F4E-4736-ADE0-95D8922F5B70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:slim_7-15itl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9128D2D2-2922-47B1-903C-BC37FE8692D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:slim_7-15itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F7A40C-E944-49C7-A7BC-2440FC95DC63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13x_itg_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25617B80-A748-445D-A523-3B07E6A1DB40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13x_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09B30D44-B6FB-4824-BC6A-24307D8F7439",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g3_itl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8A24E9-5183-40F5-B687-151054B94250",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g3_itl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAF6B3E-3F3F-4397-AADF-24DA36BC96EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g2_itg_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBA946E-E3BC-4C8D-9B11-6A036F575000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g2_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D725D6F-60A7-4BEE-A19F-AF6CEEE46FE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v14-are_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDB9DB4-7D89-4838-BD8C-2746E1FDCFE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v14-are:-:*:*:*:*:*:*:*",
"matchCriteriaId": "408806ED-CD55-47A3-9AFA-28882B1E99F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v140-15iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD95D4B1-23C1-4286-A42A-BFE21695677F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v140-15iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4410698E-9E54-4956-9C36-06ABF67DDB24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v340-17iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A812422-9829-482B-B1AF-2E3649C688B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v340-17iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB888E39-84EC-4DF3-BC01-3FAFD499AB00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_6-13alc6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "472D8E92-3FCB-4B11-8936-931880B23166",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_6-13alc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED332AAE-A4AF-4844-8E73-B5B9DFD8817A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_creator_7-15imh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5618B6A-DED7-490B-AD1B-5CC8EFEC13DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_creator_7-15imh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDF70B8-FA66-43B8-9D67-E11DAE426A19",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-14are05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE22218-5490-431A-937B-7FCC3364E63E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-14are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "424B24D7-C69D-4C20-B6A6-7E0A00564CE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-14iil05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C4C495-CA4D-4F3F-9A32-8AA433B9E5D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-14iil05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64D6AD27-0194-4CEC-AD80-3FC01593BB10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-14itl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2678780C-48A6-4565-97A9-EFFC6B6F23A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-14itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A146385-49E3-431E-AD2D-7CA1A40572EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-15iil05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A819F989-220C-4E69-94D9-6D52923198A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-15iil05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEE2E90-D589-4E56-978A-8D1041F1A5B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-15imh05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADF3A37-D095-4285-AE91-751C4F09D480",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-15imh05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA09D98-AEDA-4A32-B072-0A048BE7A5C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-15itl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B174C25-8D2E-4780-9863-F654ED4B9272",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-15itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20085906-9DDF-416B-A88D-7E94557ABA46",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_carbon_13itl5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC24185-A2D1-491F-9004-B99312B692DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_carbon_13itl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "978E1E13-8918-41D0-985C-53904CE0EC16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code."
},
{
"lang": "es",
"value": "Una posible vulnerabilidad en la funci\u00f3n de devoluci\u00f3n de llamadas SMI usada en el controlador del modo BIOS heredado en algunos modelos de port\u00e1tiles Lenovo puede permitir a un atacante con acceso local y altos privilegios ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2021-4212",
"lastModified": "2024-11-21T06:37:09.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-22T21:15:10.067",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-3431 (GCVE-0-2022-3431)
Vulnerability from cvelistv5 – Published: 2023-10-09 18:18 – Updated: 2024-09-19 14:36
VLAI?
Summary
A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
Severity ?
6.7 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Credits
Lenovo thanks Martin Smolár from ESET for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:07:06.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:lenovo:notebook:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "notebook",
"vendor": "lenovo",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:34:46.057328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:36:08.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks Martin Smol\u00e1r from ESET for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."
}
],
"value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T18:18:54.016Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-94952\u003cbr\u003e"
}
],
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-94952\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-3431",
"datePublished": "2023-10-09T18:18:54.016Z",
"dateReserved": "2022-10-07T19:59:25.920Z",
"dateUpdated": "2024-09-19T14:36:08.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4212 (GCVE-0-2021-4212)
Vulnerability from cvelistv5 – Published: 2022-04-22 20:30 – Updated: 2024-08-03 17:16
VLAI?
Summary
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Severity ?
6.7 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:04.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas"
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T20:30:44",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-77639."
}
],
"source": {
"advisory": "LEN-77639",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-4212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-77639",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-77639."
}
],
"source": {
"advisory": "LEN-77639",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-4212",
"datePublished": "2022-04-22T20:30:44",
"dateReserved": "2022-01-24T00:00:00",
"dateUpdated": "2024-08-03T17:16:04.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3431 (GCVE-0-2022-3431)
Vulnerability from nvd – Published: 2023-10-09 18:18 – Updated: 2024-09-19 14:36
VLAI?
Summary
A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
Severity ?
6.7 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Credits
Lenovo thanks Martin Smolár from ESET for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:07:06.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:lenovo:notebook:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "notebook",
"vendor": "lenovo",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:34:46.057328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:36:08.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks Martin Smol\u00e1r from ESET for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."
}
],
"value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-09T18:18:54.016Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-94952\u003cbr\u003e"
}
],
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-94952\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-3431",
"datePublished": "2023-10-09T18:18:54.016Z",
"dateReserved": "2022-10-07T19:59:25.920Z",
"dateUpdated": "2024-09-19T14:36:08.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4212 (GCVE-0-2021-4212)
Vulnerability from nvd – Published: 2022-04-22 20:30 – Updated: 2024-08-03 17:16
VLAI?
Summary
A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Severity ?
6.7 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:04.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas"
}
],
"descriptions": [
{
"lang": "en",
"value": "A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T20:30:44",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-77639."
}
],
"source": {
"advisory": "LEN-77639",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-4212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-77639",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-77639"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-77639."
}
],
"source": {
"advisory": "LEN-77639",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-4212",
"datePublished": "2022-04-22T20:30:44",
"dateReserved": "2022-01-24T00:00:00",
"dateUpdated": "2024-08-03T17:16:04.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}