Lucene search
LenovoCVELIST:CVE-2022-1890HistoryJan 23, 2023 - 3:18 p.m.
CVE-2022-1890
2023-01-2315:18:46
CWE-122
lenovo
www.cve.org
buffer overflow
lenovo notebook
readybootdxe
local privilege
code execution
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]Related
prion
prion
Buffer overflow
2023-01-26 21:15:00
nvd
nvd
CVE-2022-1890
2023-01-26 21:15:24
cve
cve
CVE-2022-1890
2023-01-26 21:15:24
thn
thn
New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models
2022-07-13 11:47:00
New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models
2022-11-10 06:36:00
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for CVELIST:CVE-2022-1890