Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2022-3742 CVE-2022-3743 CVE-2022-3744 CVE-2022-3745 CVE-2022-3746 |
CWE-ID | CWE-119 CWE-200 CWE-798 CWE-264 CWE-284 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
IdeaPad 1 14IAU7 Hardware solutions / Firmware IdeaPad 1 14IGL7 Hardware solutions / Firmware IdeaPad 1 15IAU7 Hardware solutions / Firmware IdeaPad 1 15IGL7 Hardware solutions / Firmware IdeaPad 1-14IJL7 Hardware solutions / Firmware IdeaPad 1-15IJL7 Hardware solutions / Firmware IdeaPad 3 14IAU7 Hardware solutions / Firmware IdeaPad 3 15IAU7 Hardware solutions / Firmware IdeaPad 3 17IAU7 Hardware solutions / Firmware IdeaPad 3-15IGL05 Hardware solutions / Firmware IdeaPad 3-17IIL05 Hardware solutions / Firmware IdeaPad 3-17ITL6 Hardware solutions / Firmware IdeaPad 5 15IAL7 Hardware solutions / Firmware ideapad L3-15IML05 Hardware solutions / Firmware ideapad L3-15ITL6 Hardware solutions / Firmware Lenovo Legion 5 15IAH7 Hardware solutions / Firmware Lenovo Legion 5 15IAH7H Hardware solutions / Firmware Lenovo Legion 5 Pro 16IAH7 Hardware solutions / Firmware Lenovo Legion 5 Pro 16IAH7H Hardware solutions / Firmware Lenovo Legion 5 Pro-16ITH6 Hardware solutions / Firmware Lenovo Legion 5 Pro-16ITH6H Hardware solutions / Firmware Lenovo Legion 5-15IMH05 Hardware solutions / Firmware Lenovo Legion 5-15IMH05H Hardware solutions / Firmware Lenovo Legion 5-15IMH6 Hardware solutions / Firmware Lenovo Legion 5-15ITH6 Hardware solutions / Firmware Lenovo Legion 5-15ITH6H Hardware solutions / Firmware Lenovo Legion 5-17IMH05 Hardware solutions / Firmware Lenovo Legion 5-17IMH05H Hardware solutions / Firmware Lenovo Legion 5-17ITH6 Hardware solutions / Firmware Lenovo Legion 5-17ITH6H Hardware solutions / Firmware Lenovo Legion 5P-15IMH05 Hardware solutions / Firmware Lenovo Legion 5P-15IMH05H Hardware solutions / Firmware Lenovo Legion 7-16ITHg6 Hardware solutions / Firmware Lenovo S14 G2 ITL Hardware solutions / Firmware Lenovo S14 G3 IAP Hardware solutions / Firmware Lenovo Slim 7 14IAP7 Hardware solutions / Firmware Lenovo Slim 7 Carbon 13IAP7 Hardware solutions / Firmware Lenovo ThinkBook 15p IMH Hardware solutions / Firmware Lenovo V14 G2 IJL Hardware solutions / Firmware Lenovo V14 G3 IAP Hardware solutions / Firmware Lenovo V15 G2 IJL Hardware solutions / Firmware Lenovo V15 G3 IAP Hardware solutions / Firmware Lenovo V17 G3 IAP Hardware solutions / Firmware ideapad S540-13ITL Hardware solutions / Firmware ThinkBook 15P G2 ITH Hardware solutions / Firmware Lenovo V14 G1-IML Hardware solutions / Firmware Lenovo V14 G2-ITL Hardware solutions / Firmware Lenovo V14-IGL Hardware solutions / Firmware Lenovo V15 G1-IML Hardware solutions / Firmware Lenovo V15 G2-ITL Hardware solutions / Firmware Lenovo V15-IGL Hardware solutions / Firmware Lenovo V17 G2-ITL Hardware solutions / Firmware Lenovo V17-IIL Hardware solutions / Firmware Yoga 7 14IAL7 Hardware solutions / Firmware Yoga 7 16IAH7 Hardware solutions / Firmware IdeaPad Yoga 7 16IAP7 Hardware solutions / Firmware ideapad Yoga 7-14ITL5 Hardware solutions / Firmware ideapad Yoga 7-15ITL5 Hardware solutions / Firmware Yoga Slim 7 Carbon 13IAP7 Hardware solutions / Firmware Yoga Slim 7 Pro 14IAH7 Hardware solutions / Firmware IdeaPad Yoga Slim 7 Pro 14IAP7 Hardware solutions / Firmware ideapad 3-14IGL05 Hardware solutions / Firmware ideapad 3-14IIL05 Hardware solutions / Firmware ideapad 3-14IML05 Hardware solutions / Firmware ideapad 3-14ITL05 Hardware solutions / Firmware ideapad 3-14ITL6 Hardware solutions / Firmware ideapad 3-15IIL05 Hardware solutions / Firmware ideapad 3-15IML05 Hardware solutions / Firmware ideapad 3-15ITL05 Hardware solutions / Firmware ideapad 3-15ITL6 Hardware solutions / Firmware ideapad 3-17IML05 Hardware solutions / Firmware ideapad 5-15IIL05 Hardware solutions / Firmware ideapad Creator 5-15IMH05 Hardware solutions / Firmware ideapad Gaming 3-15IMH05 Hardware solutions / Firmware IdeaPad Yoga 9 14IAP7 Hardware solutions / Firmware |
Vendor | Lenovo |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU68890
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3742
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in LCFC BIOS. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versionsIdeaPad 1 14IAU7: All versions
IdeaPad 1 14IGL7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 1 15IGL7: All versions
IdeaPad 1-14IJL7: All versions
IdeaPad 1-15IJL7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-15IGL05: All versions
IdeaPad 3-17IIL05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 15IAL7: All versions
ideapad L3-15IML05: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IAH7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15IMH05: All versions
Lenovo Legion 5-15IMH05H: All versions
Lenovo Legion 5-15IMH6: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17IMH05: All versions
Lenovo Legion 5-17IMH05H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Lenovo Legion 5P-15IMH05: All versions
Lenovo Legion 5P-15IMH05H: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo ThinkBook 15p IMH: All versions
Lenovo V14 G2 IJL: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G2 IJL: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ITL: All versions
ThinkBook 15P G2 ITH: All versions
Lenovo V14 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14-IGL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15-IGL: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V17-IIL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
ideapad 3-14IGL05: All versions
ideapad 3-14IIL05: All versions
ideapad 3-14IML05: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15IIL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-17IML05: All versions
ideapad 5-15IIL05: All versions
ideapad Creator 5-15IMH05: All versions
ideapad Gaming 3-15IMH05: All versions
IdeaPad Yoga 9 14IAP7: before HNCN42WW
External linkshttp://support.lenovo.com/us/en/product_security/LEN-103710
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68891
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3743
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an error within the LCFC BIOS implementation. A local user can enumerate Embedded Controller (EC) commands and use them to escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versionsIdeaPad 1 14IAU7: All versions
IdeaPad 1 14IGL7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 1 15IGL7: All versions
IdeaPad 1-14IJL7: All versions
IdeaPad 1-15IJL7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-15IGL05: All versions
IdeaPad 3-17IIL05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 15IAL7: All versions
ideapad L3-15IML05: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IAH7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15IMH05: All versions
Lenovo Legion 5-15IMH05H: All versions
Lenovo Legion 5-15IMH6: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17IMH05: All versions
Lenovo Legion 5-17IMH05H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Lenovo Legion 5P-15IMH05: All versions
Lenovo Legion 5P-15IMH05H: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo ThinkBook 15p IMH: All versions
Lenovo V14 G2 IJL: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G2 IJL: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ITL: All versions
ThinkBook 15P G2 ITH: All versions
Lenovo V14 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14-IGL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15-IGL: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V17-IIL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
ideapad 3-14IGL05: All versions
ideapad 3-14IIL05: All versions
ideapad 3-14IML05: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15IIL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-17IML05: All versions
ideapad 5-15IIL05: All versions
ideapad Creator 5-15IMH05: All versions
ideapad Gaming 3-15IMH05: All versions
IdeaPad Yoga 9 14IAP7: before HNCN42WW
External linkshttp://support.lenovo.com/us/en/product_security/LEN-103710
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68892
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3744
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows an attacker to compromise the affected system.
The vulnerability exists due to usage of hard-coded SMI handler credentials in LCFC BIOS. An attacker with physical access to device can unlock UEFI variables and compromise the affected system.
Install updates from vendor's website.
Vulnerable software versionsIdeaPad 1 14IAU7: All versions
IdeaPad 1 14IGL7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 1 15IGL7: All versions
IdeaPad 1-14IJL7: All versions
IdeaPad 1-15IJL7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-15IGL05: All versions
IdeaPad 3-17IIL05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 15IAL7: All versions
ideapad L3-15IML05: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IAH7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15IMH05: All versions
Lenovo Legion 5-15IMH05H: All versions
Lenovo Legion 5-15IMH6: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17IMH05: All versions
Lenovo Legion 5-17IMH05H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Lenovo Legion 5P-15IMH05: All versions
Lenovo Legion 5P-15IMH05H: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo ThinkBook 15p IMH: All versions
Lenovo V14 G2 IJL: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G2 IJL: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ITL: All versions
ThinkBook 15P G2 ITH: All versions
Lenovo V14 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14-IGL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15-IGL: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V17-IIL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
ideapad 3-14IGL05: All versions
ideapad 3-14IIL05: All versions
ideapad 3-14IML05: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15IIL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-17IML05: All versions
ideapad 5-15IIL05: All versions
ideapad Creator 5-15IMH05: All versions
ideapad Gaming 3-15IMH05: All versions
IdeaPad Yoga 9 14IAP7: before HNCN42WW
External linkshttp://support.lenovo.com/us/en/product_security/LEN-103710
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68893
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3745
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists in LCFC BIOS due to improperly imposed security restrictions. A local user can view incoming and returned data from SMI.
Install updates from vendor's website.
Vulnerable software versionsIdeaPad 1 14IAU7: All versions
IdeaPad 1 14IGL7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 1 15IGL7: All versions
IdeaPad 1-14IJL7: All versions
IdeaPad 1-15IJL7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-15IGL05: All versions
IdeaPad 3-17IIL05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 15IAL7: All versions
ideapad L3-15IML05: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IAH7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15IMH05: All versions
Lenovo Legion 5-15IMH05H: All versions
Lenovo Legion 5-15IMH6: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17IMH05: All versions
Lenovo Legion 5-17IMH05H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Lenovo Legion 5P-15IMH05: All versions
Lenovo Legion 5P-15IMH05H: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo ThinkBook 15p IMH: All versions
Lenovo V14 G2 IJL: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G2 IJL: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ITL: All versions
ThinkBook 15P G2 ITH: All versions
Lenovo V14 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14-IGL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15-IGL: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V17-IIL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
ideapad 3-14IGL05: All versions
ideapad 3-14IIL05: All versions
ideapad 3-14IML05: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15IIL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-17IML05: All versions
ideapad 5-15IIL05: All versions
ideapad Creator 5-15IMH05: All versions
ideapad Gaming 3-15IMH05: All versions
IdeaPad Yoga 9 14IAP7: before HNCN42WW
External linkshttp://support.lenovo.com/us/en/product_security/LEN-103710
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68894
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3746
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to exposed Embedded Controller (EC) interface in LCFC BIOS. A local user can access to the exposed controller interface and cause some peripherals to work abnormally.
Install updates from vendor's website.
Vulnerable software versionsIdeaPad 1 14IAU7: All versions
IdeaPad 1 14IGL7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 1 15IGL7: All versions
IdeaPad 1-14IJL7: All versions
IdeaPad 1-15IJL7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-15IGL05: All versions
IdeaPad 3-17IIL05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 15IAL7: All versions
ideapad L3-15IML05: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IAH7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15IMH05: All versions
Lenovo Legion 5-15IMH05H: All versions
Lenovo Legion 5-15IMH6: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17IMH05: All versions
Lenovo Legion 5-17IMH05H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Lenovo Legion 5P-15IMH05: All versions
Lenovo Legion 5P-15IMH05H: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo ThinkBook 15p IMH: All versions
Lenovo V14 G2 IJL: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G2 IJL: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ITL: All versions
ThinkBook 15P G2 ITH: All versions
Lenovo V14 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14-IGL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15-IGL: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V17-IIL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
ideapad 3-14IGL05: All versions
ideapad 3-14IIL05: All versions
ideapad 3-14IML05: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15IIL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-17IML05: All versions
ideapad 5-15IIL05: All versions
ideapad Creator 5-15IMH05: All versions
ideapad Gaming 3-15IMH05: All versions
IdeaPad Yoga 9 14IAP7: before HNCN42WW
External linkshttp://support.lenovo.com/us/en/product_security/LEN-103710
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.