Lucene search

[email protected]CVE-2023-34419

HistoryAug 17, 2023 - 5:15 p.m.

CVE-2023-34419

2023-08-1717:15:09

CWE-120

[email protected]

web.nvd.nist.gov

cve-2023

buffer overflow

lenovo

notebook

setuputility

driver

security vulnerability

nvd

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

Affected configurations

NVD

Node

lenovolegion_5_pro_16iah7h_firmwareRange<j2cn51ww

AND

lenovolegion_5_pro_16iah7hMatch-

Node

lenovolegion_5_pro_16iah7_firmwareRange<j2cn51ww

AND

lenovolegion_5_pro_16iah7Match-

Node

lenovolegion_5_pro_16arh7_firmwareMatch-

AND

lenovolegion_5_pro_16arh7Match-

Node

lenovolegion_5_pro_16arh7h_firmwareMatch-

AND

lenovolegion_5_pro_16arh7hMatch-

Node

lenovolegion_5_15arh7_firmwareMatch-

AND

lenovolegion_5_15arh7Match-

Node

lenovolegion_5_15arh7h_firmwareMatch-

AND

lenovolegion_5_15arh7hMatch-

Node

lenovolegion_5_15iah7h_firmwareRange<j2cn51ww

AND

lenovolegion_5_15iah7hMatch-

Node

lenovolegion_5_15iah7_firmwareRange<j2cn51ww

AND

lenovolegion_5_15iah7Match-

Node

lenovolegion_5_pro-16ach6_firmwareMatch-

AND

lenovolegion_5_pro-16ach6Match-

Node

lenovolegion_5_pro-16ach6h_firmwareMatch-

AND

lenovolegion_5_pro-16ach6hMatch-

Node

lenovolegion_5_pro-16ith6_firmwareMatch-

AND

lenovolegion_5_pro-16ith6Match-

Node

lenovolegion_5_pro-16ith6hMatch-

AND

lenovolegion_5_pro-16ith6h_firmwareMatch-

Node

lenovolegion_5-15ach6Match-

AND

lenovolegion_5-15ach6_firmwareMatch-

Node

lenovolegion_5-15ach6a_firmwareMatch-

AND

lenovolegion_5-15ach6aMatch-

Node

lenovolegion_5-15ach6h_firmwareMatch-

AND

lenovolegion_5-15ach6hMatch-

Node

lenovolegion_5-15ith6_firmwareMatch-

AND

lenovolegion_5-15ith6Match-

Node

lenovolegion_5-15ith6h_firmwareMatch-

AND

lenovolegion_5-15ith6hMatch-

Node

lenovolegion_5-17ach6_firmwareMatch-

AND

lenovolegion_5-17ach6Match-

Node

lenovolegion_5-17ach6h_firmwareMatch-

AND

lenovolegion_5-17ach6hMatch-

Node

lenovolegion_5-17ith6Match-

AND

lenovolegion_5-17ith6_firmwareMatch-

Node

lenovolegion_5-17ith6hMatch-

AND

lenovolegion_5-17ith6h_firmwareMatch-

Node

lenovolegion_7-16arha7Match-

AND

lenovolegion_7-16arha7_firmwareMatch-

Node

lenovolegion_7-16achg6Match-

AND

lenovolegion_7-16achg6_firmwareMatch-

Node

lenovolegion_7-16ithg6Match-

AND

lenovolegion_7-16ithg6_firmwareMatch-

Node

lenovolegion_pro_5_16irx8Match-

AND

lenovolegion_pro_5_16irx8_firmwareRange<kwcn37ww

Node

lenovolegion_pro_7_16irx8_firmwareRange<kwcn37ww

AND

lenovolegion_pro_7_16irx8Match-

Node

lenovolegion_pro_7_16irx8h_firmwareRange<kwcn37ww

AND

lenovolegion_pro_7_16irx8hMatch-

Node

lenovolegion_s7_16arha7_firmwareMatch-

AND

lenovolegion_s7_16arha7Match-

Node

lenovothinkbook_16p_g3_arh_firmwareMatch-

AND

lenovothinkbook_16p_g3_arhMatch-

Node

lenovothinkbook_15p_g2_ith_firmwareMatch-

AND

lenovothinkbook_15p_g2_ithMatch-

CPENameOperatorVersion
lenovo:legion_5_pro_16iah7h_firmwarelenovo legion 5 pro 16iah7h firmwareltj2cn51ww

CPE	Name	Operator	Version
lenovo:legion_5_pro_16iah7h_firmware	lenovo legion 5 pro 16iah7h firmware	lt	j2cn51ww

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Lenovo Notebook",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-134879

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-34419

prion1 cvelist1 nvd1