Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-5078 | 1 Lenovo | 40 Thinkpad L13 Gen 2, Thinkpad L13 Gen 2 Firmware, Thinkpad L13 Gen 3 and 37 more | 2024-09-16 | N/A | 6.7 MEDIUM |
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware. | |||||
CVE-2023-2290 | 1 Lenovo | 170 Thinkpad E14, Thinkpad E14 Firmware, Thinkpad E14 Gen 2 and 167 more | 2024-09-16 | N/A | 6.7 MEDIUM |
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
CVE-2022-4574 | 1 Lenovo | 108 Thinkpad L14, Thinkpad L14 Firmware, Thinkpad L14 Gen 2 and 105 more | 2024-02-28 | N/A | 6.7 MEDIUM |
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
CVE-2023-3112 | 2 Ellipticlabs, Lenovo | 3 Ai Virtual Presence Sensor, Virtual Lock Sensor, Thinkpad T14 Gen 3 | 2024-02-28 | N/A | 7.8 HIGH |
A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to execute code with elevated privileges. | |||||
CVE-2022-48189 | 1 Lenovo | 170 Thinkpad E14, Thinkpad E14 Firmware, Thinkpad E14 Gen 2 and 167 more | 2024-02-28 | N/A | 6.7 MEDIUM |
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. |