Lucene search

[email protected]NVD:CVE-2022-48188

HistoryJun 05, 2023 - 10:15 p.m.

CVE-2022-48188

2023-06-0522:15:11

CWE-787

[email protected]

web.nvd.nist.gov

buffer overflow

lenovo

securebootdxe

bios driver

privilege escalation

arbitrary code execution

cve-2022-48188

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

Percentile

5.1%

JSON

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

Affected configurations

Nvd

Node

lenovoideacentre_aio_3_21itl7Match-

AND

lenovoideacentre_aio_3_21itl7_firmwareRange<o5akt33

Node

lenovoideacentre_aio_3-22itl6Match-

AND

lenovoideacentre_aio_3-22itl6_firmwareRange<o5akt33

Node

lenovoideacentre_aio_3-24itl6_firmwareRange<o5akt33

AND

lenovoideacentre_aio_3-24itl6Match-

Node

lenovoideacentre_aio_3-27itl6_firmwareRange<o5akt33

AND

lenovoideacentre_aio_3-27itl6Match-

Node

lenovothinkcentre_m720e_firmwareRange<m1zkt40a

AND

lenovothinkcentre_m720eMatch-

Node

lenovothinkcentre_m720q_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m720qMatch-

Node

lenovothinkcentre_m720s_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m720sMatch-

Node

lenovothinkcentre_m720t_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m720tMatch-

Node

lenovothinkcentre_m725s_firmwareRange<m25kt63a

AND

lenovothinkcentre_m725sMatch-

Node

lenovothinkcentre_m75s_gen_2_firmwareRange<m46kt30a

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m75s_gen_2_firmwareRange<m3bkt30a

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m75t_gen_2_firmwareRange<m46kt30a

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m75t_gen_2_firmwareRange<m3akt4ca

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m920q_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m920qMatch-

Node

lenovothinkcentre_m920s_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m920sMatch-

Node

lenovothinkcentre_m920t_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m920tMatch-

Node

lenovothinkcentre_m920x_firmwareRange<m1ukt70a

AND

lenovothinkcentre_m920xMatch-

Node

lenovothinkcentre_m920z_firmwareRange<m1mkt55a

AND

lenovothinkcentre_m920zMatch-

Node

lenovoideacentre_510s-07icb_firmwareRange<m22kt48a

AND

lenovoideacentre_510s-07icbMatch-

Node

lenovoideacentre_510s-07icb_firmwareRange<m22kt49a

AND

lenovoideacentre_510s-07icbMatch-

Node

lenovoideacentre_510s-07ick_firmwareRange<m30kt28a

AND

lenovoideacentre_510s-07ickMatch-

Node

lenovoideacentre_510s-07ick_firmwareRange<m1zkt40a

AND

lenovoideacentre_510s-07ickMatch-

Node

lenovoideacentre_720-18apr_firmwareRange<m25kt63a

AND

lenovoideacentre_720-18aprMatch-

Node

lenovov30a-22itl_firmwareRange<o5akt33

AND

lenovov30a-22itlMatch-

Node

lenovov30a-24itl_firmwareRange<o5akt33

AND

lenovov30a-24itlMatch-

Node

lenovov530s-07icb_firmwareRange<m22kt49a

AND

lenovov530s-07icbMatch-

Node

lenovov530s-07icrMatch-

AND

lenovov530s-07icr_firmwareRange<m1zkt40a

Node

lenovothinkstation_p330_tinyMatch-

AND

lenovothinkstation_p330_tiny_firmwareRange<m1ukt70a

Node

lenovothinkstation_p360_ultraMatch-

AND

lenovothinkstation_p360_ultra_firmwareRange<s0fkt27a

Node

lenovothinkstation_p520Match-

AND

lenovothinkstation_p520_firmwareRange<s03kt58a

Node

lenovothinkstation_p520cMatch-

AND

lenovothinkstation_p520c_firmwareRange<s03kt58a

VendorProductVersionCPE
lenovoideacentre_aio_3_21itl7-cpe:2.3:h:lenovo:ideacentre_aio_3_21itl7:-:*:*:*:*:*:*:*
lenovoideacentre_aio_3_21itl7_firmware*cpe:2.3:o:lenovo:ideacentre_aio_3_21itl7_firmware:*:*:*:*:*:*:*:*
lenovoideacentre_aio_3-22itl6-cpe:2.3:h:lenovo:ideacentre_aio_3-22itl6:-:*:*:*:*:*:*:*
lenovoideacentre_aio_3-22itl6_firmware*cpe:2.3:o:lenovo:ideacentre_aio_3-22itl6_firmware:*:*:*:*:*:*:*:*
lenovoideacentre_aio_3-24itl6_firmware*cpe:2.3:o:lenovo:ideacentre_aio_3-24itl6_firmware:*:*:*:*:*:*:*:*
lenovoideacentre_aio_3-24itl6-cpe:2.3:h:lenovo:ideacentre_aio_3-24itl6:-:*:*:*:*:*:*:*
lenovoideacentre_aio_3-27itl6_firmware*cpe:2.3:o:lenovo:ideacentre_aio_3-27itl6_firmware:*:*:*:*:*:*:*:*
lenovoideacentre_aio_3-27itl6-cpe:2.3:h:lenovo:ideacentre_aio_3-27itl6:-:*:*:*:*:*:*:*
lenovothinkcentre_m720e_firmware*cpe:2.3:o:lenovo:thinkcentre_m720e_firmware:*:*:*:*:*:*:*:*
lenovothinkcentre_m720e-cpe:2.3:h:lenovo:thinkcentre_m720e:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lenovo	ideacentre_aio_3_21itl7	-	cpe:2.3:h:lenovo:ideacentre_aio_3_21itl7:-:::::::*
lenovo	ideacentre_aio_3_21itl7_firmware	*	cpe:2.3:o:lenovo:ideacentre_aio_3_21itl7_firmware::::::::
lenovo	ideacentre_aio_3-22itl6	-	cpe:2.3:h:lenovo:ideacentre_aio_3-22itl6:-:::::::*
lenovo	ideacentre_aio_3-22itl6_firmware	*	cpe:2.3:o:lenovo:ideacentre_aio_3-22itl6_firmware::::::::
lenovo	ideacentre_aio_3-24itl6_firmware	*	cpe:2.3:o:lenovo:ideacentre_aio_3-24itl6_firmware::::::::
lenovo	ideacentre_aio_3-24itl6	-	cpe:2.3:h:lenovo:ideacentre_aio_3-24itl6:-:::::::*
lenovo	ideacentre_aio_3-27itl6_firmware	*	cpe:2.3:o:lenovo:ideacentre_aio_3-27itl6_firmware::::::::
lenovo	ideacentre_aio_3-27itl6	-	cpe:2.3:h:lenovo:ideacentre_aio_3-27itl6:-:::::::*
lenovo	thinkcentre_m720e_firmware	*	cpe:2.3:o:lenovo:thinkcentre_m720e_firmware::::::::
lenovo	thinkcentre_m720e	-	cpe:2.3:h:lenovo:thinkcentre_m720e:-:::::::*

Rows per page:

1-10 of 541

References

support.lenovo.com/us/en/product_security/LEN-124495

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-48188

prion1 cvelist1 cve1