Thinkcentre Neo 50a 24 Gen 4 Firmware Security Vulnerabilities and Issues — Thinkcentre Neo 50a 24 Gen 4 Firmware CVE List

Lucene search

LenovoThinkcentre Neo 50a 24 Gen 4 Firmware

15 matches found

CVE•added 2023/11/08 11:15 p.m.•51 views

CVE-2023-43579

A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 10:15 p.m.•50 views

CVE-2023-43569

A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.8AI score0.00066EPSS

CVE•added 2023/11/08 11:15 p.m.•47 views

CVE-2023-43577

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 10:15 p.m.•46 views

CVE-2023-43568

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

4.4CVSS4.6AI score0.00066EPSS

CVE•added 2023/11/08 11:15 p.m.•46 views

CVE-2023-43580

A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 10:15 p.m.•44 views

CVE-2023-43567

A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00066EPSS

CVE•added 2023/11/08 11:15 p.m.•44 views

CVE-2023-43578

A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 10:15 p.m.•42 views

CVE-2023-43570

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code.

6.7CVSS6.7AI score0.00047EPSS

CVE•added 2023/11/08 11:15 p.m.•41 views

CVE-2023-43571

A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 11:15 p.m.•41 views

CVE-2023-43581

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 11:15 p.m.•40 views

CVE-2023-43575

A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 11:15 p.m.•40 views

CVE-2023-43576

A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 11:15 p.m.•37 views

CVE-2023-43574

A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

4.4CVSS4.7AI score0.00036EPSS

CVE•added 2023/11/08 11:15 p.m.•34 views

CVE-2023-43573

A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

6.7CVSS6.9AI score0.00037EPSS

CVE•added 2023/11/08 11:15 p.m.•31 views

CVE-2023-43572

A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

4.4CVSS4.6AI score0.00036EPSS