Lucene search
LenovoCVELIST:CVE-2022-1891HistoryJan 23, 2023 - 3:25 p.m.
CVE-2022-1891
2023-01-2315:25:33
CWE-122
lenovo
www.cve.org
1
buffer overflow
lenovo notebook
systemloaddefaultdxe
local privileges
arbitrary code execution
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]Related
nvd
nvd
CVE-2022-1891
2023-01-26 21:15:25
cve
cve
CVE-2022-1891
2023-01-26 21:15:25
prion
prion
Buffer overflow
2023-01-26 21:15:00
thn
thn
New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models
2022-07-13 11:47:00
New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models
2022-11-10 06:36:00
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for CVELIST:CVE-2022-1891