Lucene search

[email protected]CVE-2022-40135

HistoryJan 30, 2023 - 10:15 p.m.

CVE-2022-40135

2023-01-3022:15:12

CWE-125

[email protected]

web.nvd.nist.gov

cve-2022-40135

information security

lenovo

smart usb protection

smi handler

vulnerability

local access

elevated privileges

smm memory

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.

Affected configurations

NVD

Node

lenovoideacentre_c5-14imb05_firmwareRange<o4hkt38a

AND

lenovoideacentre_c5-14imb05Match-

Node

lenovothinkcentre_e96z_firmwareRange<m26kt22a

AND

lenovothinkcentre_e96zMatch-

Node

lenovoideacentre_3_07iab7_firmwareRange<m49kt1da

AND

lenovoideacentre_3_07iab7Match-

Node

lenovoideacentre_3-07imb05_firmwareRange<m2vkt1da

AND

lenovoideacentre_3-07imb05Match-

Node

lenovoideacentre_5_14iab7_firmwareRange<m42kt40a

AND

lenovoideacentre_5_14iab7Match-

Node

lenovoideacentre_5-14acn6_firmwareRange<o5ekt21a

AND

lenovoideacentre_5-14acn6Match-

Node

lenovoideacentre_5-14imb05_firmwareRange<o4hkt38a

AND

lenovoideacentre_5-14imb05Match-

Node

lenovoideacentre_5-14iob6_firmwareRange<m3gkt33a

AND

lenovoideacentre_5-14iob6Match-

Node

lenovoideacentre_creator_5-14iob6_firmwareRange≤m3gkt33a

AND

lenovoideacentre_creator_5-14iob6Match-

Node

lenovoideacentre_g5-14imb05_firmwareRange<o4hkt38a

AND

lenovoideacentre_g5-14imb05Match-

Node

lenovoideacentre_gaming_5_17acn7_firmwareRange<o5ekt21a

AND

lenovoideacentre_gaming_5_17acn7Match-

Node

lenovoideacentre_gaming_5_17iab7_firmwareRange<m42kt40a

AND

lenovoideacentre_gaming_5_17iab7Match-

Node

lenovoideacentre_gaming_5-14acn6_firmwareRange<o5ekt21a

AND

lenovoideacentre_gaming_5-14acn6Match-

Node

lenovoideacentre_gaming_5-14iob6_firmwareRange<m3gkt33a

AND

lenovoideacentre_gaming_5-14iob6Match-

Node

lenovolegion_c530-19icb_firmwareRange<o4bkt20a

AND

lenovolegion_c530-19icbMatch-

Node

lenovolegion_t5-26iob6_firmwareRange<o54kt1da

AND

lenovolegion_t5-26iob6Match-

Node

lenovolegion_t5-28icb05_firmwareRange<o4bkt20a

AND

lenovolegion_t5-28icb05Match-

Node

lenovolegion_t530-28apr_firmwareRange<o4gkt16a

AND

lenovolegion_t530-28aprMatch-

Node

lenovolegion_t530-28icb_firmwareRange<o4bkt20a

AND

lenovolegion_t530-28icbMatch-

Node

lenovolegion_t7-34imz5_firmwareRange<o4lkt1ea

AND

lenovolegion_t7-34imz5Match-

Node

lenovothinkcentre_m60e_tiny_firmwareRange<m3skt21a

AND

lenovothinkcentre_m60e_tinyMatch-

Node

lenovothinkcentre_m625q_firmwareRange<m1wkt45a

AND

lenovothinkcentre_m625qMatch-

Node

lenovothinkcentre_m630e_firmwareRange<m28kt37a

AND

lenovothinkcentre_m630eMatch-

Node

lenovothinkcentre_m70a_firmwareRange<m2skt25a

AND

lenovothinkcentre_m70aMatch-

Node

lenovothinkcentre_m70a_gen_2_firmwareRange<m3nkt20a

AND

lenovothinkcentre_m70a_gen_2Match-

Node

lenovothinkcentre_m70c_firmwareRange<m2vkt1da

AND

lenovothinkcentre_m70cMatch-

Node

lenovothinkcentre_m70q_firmwareRange<m2wkt57a

AND

lenovothinkcentre_m70qMatch-

Node

lenovothinkcentre_m70q_gen_2_firmwareRange<m2wkt57a

AND

lenovothinkcentre_m70q_gen_2Match-

Node

lenovothinkcentre_m70q_gen_3_firmwareRange<m43kt16a

AND

lenovothinkcentre_m70q_gen_3Match-

Node

lenovothinkcentre_m70s_gen_3_firmwareRange<m41kt2da

AND

lenovothinkcentre_m70s_gen_3Match-

Node

lenovothinkcentre_m70t_gen_3_firmwareRange<m41kt2da

AND

lenovothinkcentre_m70t_gen_3Match-

Node

lenovothinkcentre_m710e_firmwareRange<m1zkt38a

AND

lenovothinkcentre_m710eMatch-

Node

lenovothinkcentre_m710q_firmwareRange<m1akt56a

AND

lenovothinkcentre_m710qMatch-

Node

lenovothinkcentre_m710s_firmwareRange<m16kt68a

AND

lenovothinkcentre_m710sMatch-

Node

lenovothinkcentre_m710t_firmwareRange<m16kt68a

AND

lenovothinkcentre_m710tMatch-

Node

lenovothinkcentre_m715q_firmwareRange<m11kt54a

AND

lenovothinkcentre_m715qMatch-

Node

lenovothinkcentre_m715t_firmwareRange<m2ckt4da

AND

lenovothinkcentre_m715tMatch-

Node

lenovothinkcentre_m720e_firmwareRange<m30kt26a

AND

lenovothinkcentre_m720eMatch-

Node

lenovothinkcentre_m720q_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m720qMatch-

Node

lenovothinkcentre_m720s_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m720sMatch-

Node

lenovothinkcentre_m720t_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m720tMatch-

Node

lenovothinkcentre_m725s_firmwareRange<m25kt61a

AND

lenovothinkcentre_m725sMatch-

Node

lenovothinkcentre_m75n_firmwareRange<m33kt25a

AND

lenovothinkcentre_m75nMatch-

Node

lenovothinkcentre_m75q_gen_2_firmwareRange<m47kt24a

AND

lenovothinkcentre_m75q_gen_2Match-

Node

lenovothinkcentre_m75q-1_firmwareRange<m2fkt2da

AND

lenovothinkcentre_m75q-1Match-

Node

lenovothinkcentre_m75s_gen_2_firmwareRange<m46kt2da

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m75s-1_firmwareRange<m2ckt4da

AND

lenovothinkcentre_m75s-1Match-

Node

lenovothinkcentre_m75t_gen_2_firmwareRange<m46kt2da

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m80q_firmwareRange<m2wkt57a

AND

lenovothinkcentre_m80qMatch-

Node

lenovothinkcentre_m810z_firmwareRange<m1ckt49a

AND

lenovothinkcentre_m810zMatch-

Node

lenovothinkcentre_m818z_firmwareRange<m1ekt25a

AND

lenovothinkcentre_m818zMatch-

Node

lenovothinkcentre_m820z_firmwareRange<m1nkt58a

AND

lenovothinkcentre_m820zMatch-

Node

lenovothinkcentre_m90a_firmwareRange<m2rkt52a

AND

lenovothinkcentre_m90aMatch-

Node

lenovothinkcentre_m90a_gen2_firmwareRange<m3lkt26a

AND

lenovothinkcentre_m90a_gen2Match-

Node

lenovothinkcentre_m90q_gen_2_firmwareRange<m3jkt34a

AND

lenovothinkcentre_m90q_gen_2Match-

Node

lenovothinkcentre_m90q_tiny_firmwareRange<m2wkt57a

AND

lenovothinkcentre_m90q_tinyMatch-

Node

lenovothinkcentre_m910q_firmwareRange<m1akt56a

AND

lenovothinkcentre_m910qMatch-

Node

lenovothinkcentre_m910s_firmwareRange<m1akt56a

AND

lenovothinkcentre_m910sMatch-

Node

lenovothinkcentre_m910t_firmwareRange<m1akt56a

AND

lenovothinkcentre_m910tMatch-

Node

lenovothinkcentre_m910x_firmwareRange<m1akt56a

AND

lenovothinkcentre_m910xMatch-

Node

lenovothinkcentre_m920q_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m920qMatch-

Node

lenovothinkcentre_m920s_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m920sMatch-

Node

lenovothinkcentre_m920t_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m920tMatch-

Node

lenovothinkcentre_m920x_firmwareRange<m1ukt67a

AND

lenovothinkcentre_m920xMatch-

Node

lenovothinkcentre_neo_50s_gen_3_firmwareRange<m49kt1da

AND

lenovothinkcentre_neo_50s_gen_3Match-

Node

lenovothinkcentre_neo_50t_gen_3_firmwareRange<m42kt40a

AND

lenovothinkcentre_neo_50t_gen_3Match-

Node

lenovoqitian_a815_firmwareRange<m1rkt38a

AND

lenovoqitian_a815Match-

Node

lenovoqt_m410_firmwareRange<m16kt68a

AND

lenovoqt_m410Match-

Node

lenovoqt_b415_firmwareRange<m16kt68a

AND

lenovoqt_b415Match-

Node

lenovoqt_m415_firmwareRange<m16kt68a

AND

lenovoqt_m415Match-

Node

lenovoideacentre_t540-15ama_g_firmwareRange<m2ckt4da

AND

lenovoideacentre_t540-15ama_gMatch-

Node

lenovoideacentre_t540-15ick_firmwareRange<o4kkt16a

AND

lenovoideacentre_t540-15ickMatch-

Node

lenovothinkcentre_e75_t\/s_firmwareRange<m16kt68a

AND

lenovothinkcentre_e75_t\/sMatch-

Node

lenovothinkcentre_m610_firmwareRange<m1akt56a

AND

lenovothinkcentre_m610Match-

Node

lenovothinkcentre_m6600q_firmwareRange<fwktbaa

AND

lenovothinkcentre_m6600qMatch-

Node

lenovothinkcentre_m6600t_firmwareRange<fwktbaa

AND

lenovothinkcentre_m6600tMatch-

Node

lenovothinkcentre_m6600s_firmwareRange<fwktbaa

AND

lenovothinkcentre_m6600sMatch-

Node

lenovoideacentre_3-07ada05_firmwareRange<o4fkt29a

AND

lenovoideacentre_3-07ada05Match-

Node

lenovoideacentre_5-14are05_firmwareRange<o4zkt29a

AND

lenovoideacentre_5-14are05Match-

Node

lenovoideacentre_g5-14amr05_firmwareRange<o4zkt29a

AND

lenovoideacentre_g5-14amr05Match-

Node

lenovoideacentre_510-15ick_firmwareRange<o4kkt16a

AND

lenovoideacentre_510-15ickMatch-

Node

lenovoideacentre_510a-15arr_firmwareRange<o4dkt43a

AND

lenovoideacentre_510a-15arrMatch-

Node

lenovoideacentre_510a-15ick_firmwareRange<o4kkt16a

AND

lenovoideacentre_510a-15ickMatch-

Node

lenovoideacentre_510s-07icb_firmwareRange<m22kt47a

AND

lenovoideacentre_510s-07icbMatch-

Node

lenovoideacentre_510s-07ick_firmwareRange<m30kt26a

AND

lenovoideacentre_510s-07ickMatch-

Node

lenovoideacentre_720-18apr_firmwareRange<m25kt61a

AND

lenovoideacentre_720-18aprMatch-

Node

lenovoideacentre_a340-22igm_firmwareRange<o51kt12a

AND

lenovoideacentre_a340-22igmMatch-

Node

lenovoideacentre_a340-24igm_firmwareRange<o51kt12a

AND

lenovoideacentre_a340-24igmMatch-

Node

lenovov30a-22iml_firmwareRange<m37kt28a

AND

lenovov30a-22imlMatch-

Node

lenovov30a-24iml_firmwareRange<m37kt28a

AND

lenovov30a-24imlMatch-

Node

lenovov330-20icb_firmwareRange<m1qkt47a

AND

lenovov330-20icbMatch-

Node

lenovov35s-07ada_firmwareRange<o4fkt29a

AND

lenovov35s-07adaMatch-

Node

lenovov50a-22imb_firmwareRange<m36kt28a

AND

lenovov50a-22imbMatch-

Node

lenovov50a-24imb_firmwareRange<m36kt28a

AND

lenovov50a-24imbMatch-

Node

lenovov50s-07imb_firmwareRange<m2vkt1da

AND

lenovov50s-07imbMatch-

Node

lenovov50t-13imb_firmwareRange<o4hkt38a

AND

lenovov50t-13imbMatch-

Node

lenovov50t-13iob_g2_firmwareRange<m3gkt33a

AND

lenovov50t-13iob_g2Match-

Node

lenovov520_firmwareRange<m16kt68a

AND

lenovov520Match-

Node

lenovov520s_firmwareRange<m16kt68a

AND

lenovov520sMatch-

Node

lenovov530-15arr_firmwareRange<o4dkt43a

AND

lenovov530-15arrMatch-

Node

lenovov530-15icb_firmwareRange<m1ykt70a

AND

lenovov530-15icbMatch-

Node

lenovov530-15icb_firmwareRange<m1ykt70a

AND

lenovov530-15icbMatch-

Node

lenovov530-15icr_firmwareRange<m2ykt31a

AND

lenovov530-15icrMatch-

Node

lenovov530-22icb_firmwareRange<m20kt52a

AND

lenovov530-22icbMatch-

Node

lenovov530-24icb_firmwareRange<m20kt52a

AND

lenovov530-24icbMatch-

Node

lenovov530s-07icb_firmwareRange<m22kt48a

AND

lenovov530s-07icbMatch-

Node

lenovov530s-07icr_firmwareRange<m30kt26a

AND

lenovov530s-07icrMatch-

Node

lenovov540-24iwl_firmwareRange<m29kt39a

AND

lenovov540-24iwlMatch-

Node

lenovov55t_gen_2_13acn_firmwareRange<o5jkt20a

AND

lenovov55t_gen_2_13acnMatch-

Node

lenovov55t-15api_firmwareRange<o4dkt43a

AND

lenovov55t-15apiMatch-

Node

lenovov55t-15are_firmwareRange<o4dkt43a

AND

lenovov55t-15areMatch-

Node

lenovoyangtian_afq150_firmwareRange<fwktbaa

AND

lenovoyangtian_afq150Match-

Node

lenovoyta8900f_firmwareRange<fwktbaa

AND

lenovoyta8900fMatch-

Node

lenovoyoga_a940-27icb_firmwareRange<o43kt43a

AND

lenovoyoga_a940-27icbMatch-

Node

lenovothinkedge_se30_firmwareRange<m3fkt29a

AND

lenovothinkedge_se30Match-

Node

lenovothinksmart_core_\&_controller_full_room_kit\Match_microsoft_teams_rooms_firmware-

AND

lenovothinksmart_core_\&_controller_full_room_kit\Match_microsoft_teams_rooms-

Node

lenovothinksmart_core_\&_controller_full_room_kit\Match_zoom_rooms_firmware-

AND

lenovothinksmart_core_\&_controller_full_room_kit\Match_zoom_rooms-

Node

lenovothinksmart_core_\&_controller_kit\Match_microsoft_teams_rooms_firmware-

AND

lenovothinksmart_core_\&_controller_kit\Match_microsoft_teams_rooms-

Node

lenovothinksmart_core_\&_controller_kit\Match_zoom_rooms_firmware-

AND

lenovothinksmart_core_\&_controller_kit\Match_zoom_rooms-

Node

lenovothinksmart_core_device_for_logitech_firmwareMatch-

AND

lenovothinksmart_core_device_for_logitechMatch-

Node

lenovothinksmart_core_device_for_poly_firmwareMatch-

AND

lenovothinksmart_core_device_for_polyMatch-

Node

lenovothinksmart_core_device\Match_zoom_rooms_firmware-

AND

lenovothinksmart_core_device\Match_zoom_rooms-

Node

lenovothinksmart_hub_teams_firmwareRange<m2xkt20a

AND

lenovothinksmart_hub_teamsMatch-

Node

lenovothinksmart_hub_zoom_firmwareRange<m2xkt20a

AND

lenovothinksmart_hub_zoomMatch-

Node

lenovothinkstation_p310_firmwareRange<fwktbaa

AND

lenovothinkstation_p310Match-

Node

lenovothinkstation_p320_tiny_firmwareRange<m1akt56a

AND

lenovothinkstation_p320_tinyMatch-

Node

lenovothinkstation_p330_tiny_firmwareRange<m1ukt67a

AND

lenovothinkstation_p330_tinyMatch-

Node

lenovothinkstation_p340_tiny_firmwareRange<m2wkt57a

AND

lenovothinkstation_p340_tinyMatch-

Node

lenovothinkstation_p340_firmwareRange<s08kt50a

AND

lenovothinkstation_p340Match-

Node

lenovothinkstation_p348_firmwareRange<m3kkt34a

AND

lenovothinkstation_p348Match-

Node

lenovothinkstation_p350_tiny_firmwareRange<m3jkt34a

AND

lenovothinkstation_p350_tinyMatch-

Node

lenovothinkstation_p350_firmwareRange≤s0akt34a

AND

lenovothinkstation_p350Match-

Node

lenovothinkstation_p520_firmwareRange<s03kt55a

AND

lenovothinkstation_p520Match-

Node

lenovothinkstation_p520c_firmwareRange<s03kt55a

AND

lenovothinkstation_p520cMatch-

Node

lenovothinkstation_p620_firmwareRange<s07kt25a

AND

lenovothinkstation_p620Match-

Node

lenovostadia_ggp-120_firmwareRange<s03kt55a

AND

lenovostadia_ggp-120Match-

Node

lenovothinkstation_p318_firmwareRange<m1akt56a

AND

lenovothinkstation_p318Match-

Node

lenovothinksystem_st50_firmwareRange<ite123e

AND

lenovothinksystem_st50Match-

Node

lenovothinksystem_st58_firmwareRange<ite123e

AND

lenovothinksystem_st58Match-

CPENameOperatorVersion
lenovo:ideacentre_c5-14imb05_firmwarelenovo ideacentre c5-14imb05 firmwarelto4hkt38a

CPE	Name	Operator	Version
lenovo:ideacentre_c5-14imb05_firmware	lenovo ideacentre c5-14imb05 firmware	lt	o4hkt38a

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-94953

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-40135

prion1 nvd1 cvelist1 qualysblog1