Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-2290
HistoryJun 26, 2023 - 8:15 p.m.

CVE-2023-2290

2023-06-2620:15:09
CWE-119
[email protected]
web.nvd.nist.gov
13
cve-2023-2290
lenovoflashdeviceinterface
smi handler
arbitrary code
local access
elevated privileges

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.

Affected configurations

NVD
Node
lenovothinkpad_e14_firmwareMatch1.23
AND
lenovothinkpad_e14Match-
Node
lenovothinkpad_e14_gen_2_firmwareMatch1.55
AND
lenovothinkpad_e14_gen_2Match-
Node
lenovothinkpad_e14_gen_4_firmwareMatch1.18
AND
lenovothinkpad_e14_gen_4Match-
Node
lenovothinkpad_e14_gen_4_firmwareMatch1.16
AND
lenovothinkpad_e14_gen_4Match-
Node
lenovothinkpad_e15_firmwareMatch1.23
AND
lenovothinkpad_e15Match-
Node
lenovothinkpad_e15_gen_2_firmwareMatch1.55
AND
lenovothinkpad_e15_gen_2Match-
Node
lenovothinkpad_e15_gen_4_firmwareMatch1.18
AND
lenovothinkpad_e15_gen_4Match-
Node
lenovothinkpad_e15_gen_4_firmwareMatch1.16
AND
lenovothinkpad_e15_gen_4Match-
Node
lenovothinkpad_e490_firmwareMatch1.34
AND
lenovothinkpad_e490Match-
Node
lenovothinkpad_e490s_firmwareMatch1.34
AND
lenovothinkpad_e490sMatch-
Node
lenovothinkpad_e590_firmwareMatch1.34
AND
lenovothinkpad_e590Match-
Node
lenovothinkpad_l13_gen_3_firmwareMatch1.14
AND
lenovothinkpad_l13_gen_3Match-
Node
lenovothinkpad_l13_yoga_gen_3_firmwareMatch1.14
AND
lenovothinkpad_l13_yoga_gen_3Match-
Node
lenovothinkpad_l14_firmwareMatch1.2
AND
lenovothinkpad_l14Match-
Node
lenovothinkpad_l14_firmwareMatch1.3
AND
lenovothinkpad_l14Match-
Node
lenovothinkpad_l14_firmwareMatch1.48
OR
lenovothinkpad_l14_firmwareMatch1.61
AND
lenovothinkpad_l14Match-
Node
lenovothinkpad_l14_firmwareMatch1.26
AND
lenovothinkpad_l14Match-
Node
lenovothinkpad_l15_firmwareMatch1.2
AND
lenovothinkpad_l15Match-
Node
lenovothinkpad_l15_firmwareMatch1.3
AND
lenovothinkpad_l15Match-
Node
lenovothinkpad_l15_gen_2_firmwareMatch1.48
OR
lenovothinkpad_l15_gen_2_firmwareMatch1.61
AND
lenovothinkpad_l15_gen_2Match-
Node
lenovothinkpad_l15_gen_3_firmwareMatch1.26
AND
lenovothinkpad_l15_gen_3Match-
Node
lenovothinkpad_l490_firmwareMatch1.32
AND
lenovothinkpad_l490Match-
Node
lenovothinkpad_l590_firmwareMatch1.32
AND
lenovothinkpad_l590Match-
Node
lenovothinkpad_p1_gen_2_firmwareMatch1.46
AND
lenovothinkpad_p1_gen_2Match-
Node
lenovothinkpad_p1_gen_3_firmwareMatch1.27
AND
lenovothinkpad_p1_gen_3Match-
Node
lenovothinkpad_p1_gen_4_firmwareMatch1.22
AND
lenovothinkpad_p1_gen_4Match-
Node
lenovothinkpad_p1_gen_5_firmwareMatch1.16
AND
lenovothinkpad_p1_gen_5Match-
Node
lenovothinkpad_p14s_gen_1_firmwareMatch1.28
AND
lenovothinkpad_p14s_gen_1Match-
Node
lenovothinkpad_p14s_gen_2_firmwareMatch1.05
OR
lenovothinkpad_p14s_gen_2_firmwareMatch1.55
AND
lenovothinkpad_p14s_gen_2Match-
Node
lenovothinkpad_p14s_gen_2_firmwareMatch1.34
AND
lenovothinkpad_p14s_gen_2Match-
Node
lenovothinkpad_p14s_gen_3_firmwareMatch1.11
OR
lenovothinkpad_p14s_gen_3_firmwareMatch1.31
AND
lenovothinkpad_p14s_gen_3Match-
Node
lenovothinkpad_p15_gen_1_firmwareMatch1.32
AND
lenovothinkpad_p15_gen_1Match-
Node
lenovothinkpad_p15_gen_2_firmwareMatch1.25
AND
lenovothinkpad_p15_gen_2Match-
Node
lenovothinkpad_p15s_gen_1_firmwareMatch1.28
AND
lenovothinkpad_p15s_gen_1Match-
Node
lenovothinkpad_p15s_gen_2_firmwareMatch1.05
OR
lenovothinkpad_p15s_gen_2_firmwareMatch1.55
AND
lenovothinkpad_p15s_gen_2Match-
Node
lenovothinkpad_p15v_gen_1_firmwareMatch1.32
AND
lenovothinkpad_p15v_gen_1Match-
Node
lenovothinkpad_p15v_gen_2_firmwareMatch1.19
AND
lenovothinkpad_p15v_gen_2Match-
Node
lenovothinkpad_p15v_gen_3_firmwareMatch1.15
AND
lenovothinkpad_p15v_gen_3Match-
Node
lenovothinkpad_p16_gen_1_firmwareMatch1.17
AND
lenovothinkpad_p16_gen_1Match-
Node
lenovothinkpad_p16s_gen_1_firmwareMatch1.11
OR
lenovothinkpad_p16s_gen_1_firmwareMatch1.31
AND
lenovothinkpad_p16s_gen_1Match-
Node
lenovothinkpad_p17_gen_1_firmwareMatch1.32
AND
lenovothinkpad_p17_gen_1Match-
Node
lenovothinkpad_p17_gen_2_firmwareMatch1.25
AND
lenovothinkpad_p17_gen_2Match-
Node
lenovothinkpad_p43s_firmwareMatch1.21
OR
lenovothinkpad_p43s_firmwareMatch1.79
AND
lenovothinkpad_p43sMatch-
Node
lenovothinkpad_p53_firmwareMatch1.4
AND
lenovothinkpad_p53Match-
Node
lenovothinkpad_p53s_firmwareMatch1.21
OR
lenovothinkpad_p53s_firmwareMatch1.79
AND
lenovothinkpad_p53sMatch-
Node
lenovothinkpad_p73_firmwareMatch1.4
AND
lenovothinkpad_p73Match-
Node
lenovothinkpad_t14_gen_1_firmwareMatch1.28
AND
lenovothinkpad_t14_gen_1Match-
Node
lenovothinkpad_t14_gen_1_firmwareMatch1.28
AND
lenovothinkpad_t14_gen_1Match-
Node
lenovothinkpad_t14_gen_2_firmwareMatch1.05
OR
lenovothinkpad_t14_gen_2_firmwareMatch1.55
AND
lenovothinkpad_t14_gen_2Match-
Node
lenovothinkpad_t14_gen_2_firmwareMatch1.34
AND
lenovothinkpad_t14_gen_2Match-
Node
lenovothinkpad_t14_gen_3_firmwareMatch1.11
OR
lenovothinkpad_t14_gen_3_firmwareMatch1.31
AND
lenovothinkpad_t14_gen_3Match-
Node
lenovothinkpad_t14s_firmwareMatch1.26
AND
lenovothinkpad_t14sMatch-
Node
lenovothinkpad_t14s_gen_2_firmwareMatch1.51
AND
lenovothinkpad_t14s_gen_2Match-
Node
lenovothinkpad_t14s_gen_2_firmwareMatch1.37
AND
lenovothinkpad_t14s_gen_2Match-
Node
lenovothinkpad_t14s_gen_3_firmwareMatch1.33
AND
lenovothinkpad_t14s_gen_3Match-
Node
lenovothinkpad_t15_firmwareMatch1.28
AND
lenovothinkpad_t15Match-
Node
lenovothinkpad_t15_gen_2_firmwareMatch1.05
OR
lenovothinkpad_t15_gen_2_firmwareMatch1.55
AND
lenovothinkpad_t15_gen_2Match-
Node
lenovothinkpad_t15g_gen_1_firmwareMatch1.32
AND
lenovothinkpad_t15g_gen_1Match-
Node
lenovothinkpad_t15g_gen_2_firmwareMatch1.25
AND
lenovothinkpad_t15g_gen_2Match-
Node
lenovothinkpad_t15p_gen_1_firmwareMatch1.32
AND
lenovothinkpad_t15p_gen_1Match-
Node
lenovothinkpad_t15p_gen_2_firmwareMatch1.19
AND
lenovothinkpad_t15p_gen_2Match-
Node
lenovothinkpad_t15p_gen_3_firmwareMatch1.15
AND
lenovothinkpad_t15p_gen_3Match-
Node
lenovothinkpad_t16_gen_1_firmwareMatch1.11
OR
lenovothinkpad_t16_gen_1_firmwareMatch1.31
AND
lenovothinkpad_t16_gen_1Match-
Node
lenovothinkpad_t490_firmwareMatch1.21
OR
lenovothinkpad_t490_firmwareMatch1.79
AND
lenovothinkpad_t490Match-
Node
lenovothinkpad_t490_firmwareMatch1.21
OR
lenovothinkpad_t490_firmwareMatch1.79
AND
lenovothinkpad_t490Match-
Node
lenovothinkpad_t490_firmwareMatch1.21
OR
lenovothinkpad_t490_firmwareMatch1.79
AND
lenovothinkpad_t490Match-
Node
lenovothinkpad_t490s_firmwareMatch1.24
OR
lenovothinkpad_t490s_firmwareMatch1.79
AND
lenovothinkpad_t490sMatch-
Node
lenovothinkpad_t590_firmwareMatch1.21
OR
lenovothinkpad_t590_firmwareMatch1.79
AND
lenovothinkpad_t590Match-
Node
lenovothinkpad_thinkpad_r14_gen_2_firmwareMatch1.55
AND
lenovothinkpad_thinkpad_r14_gen_2Match-
Node
lenovothinkpad_thinkpad_r14_gen_4_firmwareMatch1.18
AND
lenovothinkpad_thinkpad_r14_gen_4Match-
Node
lenovothinkpad_thinkpad_s3_2nd_gen_firmwareMatch1.23
AND
lenovothinkpad_thinkpad_s3_2nd_genMatch-
Node
lenovothinkpad_x1_carbon_10th_gen_firmwareMatch1.37
AND
lenovothinkpad_x1_carbon_10th_genMatch-
Node
lenovothinkpad_x1_carbon_7th_gen_firmwareMatch1.45
OR
lenovothinkpad_x1_carbon_7th_gen_firmwareMatch1.56
AND
lenovothinkpad_x1_carbon_7th_genMatch-
Node
lenovothinkpad_x1_carbon_7th_gen_firmwareMatch1.45
OR
lenovothinkpad_x1_carbon_7th_gen_firmwareMatch1.56
AND
lenovothinkpad_x1_carbon_7th_genMatch-
Node
lenovothinkpad_x1_carbon_8th_gen_firmwareMatch1.15
OR
lenovothinkpad_x1_carbon_8th_gen_firmwareMatch1.30
AND
lenovothinkpad_x1_carbon_8th_genMatch-
Node
lenovothinkpad_x1_carbon_9th_gen_firmwareMatch1.59
AND
lenovothinkpad_x1_carbon_9th_genMatch-
Node
lenovothinkpad_x1_extreme_2nd_gen_firmwareMatch1.46
AND
lenovothinkpad_x1_extreme_2nd_genMatch-
Node
lenovothinkpad_x1_extreme_3rd_gen_firmwareMatch1.27
AND
lenovothinkpad_x1_extreme_3rd_genMatch-
Node
lenovothinkpad_x1_extreme_4th_gen_firmwareMatch1.22
AND
lenovothinkpad_x1_extreme_4th_genMatch-
Node
lenovothinkpad_x1_extreme_gen_5_firmwareMatch1.16
AND
lenovothinkpad_x1_extreme_gen_5Match-
Node
lenovothinkpad_x1_nano_gen_1_firmwareMatch1.55
AND
lenovothinkpad_x1_nano_gen_1Match-
Node
lenovothinkpad_x1_nano_gen_2_firmwareMatch1.18
AND
lenovothinkpad_x1_nano_gen_2Match-
Node
lenovothinkpad_x1_titanium_firmwareMatch1.24
AND
lenovothinkpad_x1_titaniumMatch-
Node
lenovothinkpad_x1_yoga_4th_gen_firmwareMatch1.45
OR
lenovothinkpad_x1_yoga_4th_gen_firmwareMatch1.56
AND
lenovothinkpad_x1_yoga_4th_genMatch-
Node
lenovothinkpad_x1_yoga_4th_gen_firmwareMatch1.45
OR
lenovothinkpad_x1_yoga_4th_gen_firmwareMatch1.56
AND
lenovothinkpad_x1_yoga_4th_genMatch-
Node
lenovothinkpad_x1_yoga_5th_gen_firmwareMatch1.15
OR
lenovothinkpad_x1_yoga_5th_gen_firmwareMatch1.30
AND
lenovothinkpad_x1_yoga_5th_genMatch-
Node
lenovothinkpad_x1_yoga_6th_gen_firmwareMatch1.59
AND
lenovothinkpad_x1_yoga_6th_genMatch-
Node
lenovothinkpad_x1_yoga_7th_gen_firmwareMatch1.37
AND
lenovothinkpad_x1_yoga_7th_genMatch-
Node
lenovothinkpad_x12_detachable_gen_1_firmwareMatch1.28
AND
lenovothinkpad_x12_detachable_gen_1Match-
Node
lenovothinkpad_x13_firmwareMatch1.26
AND
lenovothinkpad_x13Match-
Node
lenovothinkpad_x13_gen_2_firmwareMatch1.51
AND
lenovothinkpad_x13_gen_2Match-
Node
lenovothinkpad_x13_gen_2_firmwareMatch1.37
AND
lenovothinkpad_x13_gen_2Match-
Node
lenovothinkpad_x13_gen_3_firmwareMatch1.33
AND
lenovothinkpad_x13_gen_3Match-
Node
lenovothinkpad_x13_yoga_gen_1_firmwareMatch1.45
AND
lenovothinkpad_x13_yoga_gen_1Match-
Node
lenovothinkpad_x13_yoga_gen_2_firmwareMatch1.4
AND
lenovothinkpad_x13_yoga_gen_2Match-
Node
lenovothinkpad_x13_yoga_gen_3_firmwareMatch1.09
AND
lenovothinkpad_x13_yoga_gen_3Match-
Node
lenovothinkpad_x390_firmwareMatch1.79_1.24
AND
lenovothinkpad_x390Match-
Node
lenovothinkpad_x390_firmwareMatch1.24
OR
lenovothinkpad_x390_firmwareMatch1.79
AND
lenovothinkpad_x390Match-
Node
lenovothinkpad_x390_yoga_firmwareMatch1.95
AND
lenovothinkpad_x390_yogaMatch-
Node
lenovothinkpad_z13_gen_1_firmwareMatch1.57
AND
lenovothinkpad_z13_gen_1Match-
Node
lenovothinkpad_z16_gen_1_firmwareMatch1.57
AND
lenovothinkpad_z16_gen_1Match-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "ThinkPad ",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2023-2290
2023-06-26 19:44:19
nvd
nvd
CVE-2023-2290
2023-06-26 20:15:09
prion
prion
Code injection
2023-06-26 20:15:00

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2023-2290
cvelist1nvd1prion1