Risk | Low |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2022-3728 CVE-2022-48182 CVE-2022-48183 CVE-2022-4573 CVE-2022-4574 CVE-2022-4575 CVE-2022-48189 |
CWE-ID | CWE-254 CWE-20 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
ThinkPad T14s Gen 3 21CQ 21CR Hardware solutions / Firmware ThinkPad X13 Gen 3 21CM 21CN Hardware solutions / Firmware ThinkPad T14s Gen 3 21BR 21BS Hardware solutions / Firmware ThinkPad X13 Gen 3 21BN 21BQ Hardware solutions / Firmware ThinkPad X1 Fold Gen 1 20RK Hardware solutions / Firmware ThinkPad X1 Fold Gen 1 20RL Hardware solutions / Firmware 20TQ Hardware solutions / Firmware ThinkPad P14s Gen 1 20S4 Hardware solutions / Firmware ThinkPad P14s Gen 1 20S5 Hardware solutions / Firmware ThinkPad P14s Gen 2 20VX Hardware solutions / Firmware ThinkPad P14s Gen 2 20VY Hardware solutions / Firmware ThinkPad P15s Gen 1 20T4 20T5 Hardware solutions / Firmware ThinkPad P15s Gen 2 20W6 Hardware solutions / Firmware ThinkPad P15s Gen 2 20W7 Hardware solutions / Firmware ThinkPad P15v Gen 3 21D8 21D9 Hardware solutions / Firmware ThinkPad T14 Gen 1 20S0 Hardware solutions / Firmware ThinkPad T14 Gen 1 20S1 Hardware solutions / Firmware ThinkPad T14 Gen 1 20S2 Hardware solutions / Firmware ThinkPad T14 Gen 1 20S3 Hardware solutions / Firmware ThinkPad T14 Gen 2 20W0 Hardware solutions / Firmware ThinkPad T14 Gen 2 20W1 Hardware solutions / Firmware ThinkPad T15 20S6 Hardware solutions / Firmware ThinkPad T15 20S7 Hardware solutions / Firmware ThinkPad T15 Gen 2 20W4 Hardware solutions / Firmware ThinkPad T15 Gen 2 20W5 Hardware solutions / Firmware ThinkPad T15p Gen 3 21DA 21DB Hardware solutions / Firmware ThinkPad L14 20U1 s Hardware solutions / Firmware ThinkPad L14 20U2 s Hardware solutions / Firmware ThinkPad L14 Gen 2 Type 20X1 20X2 s Hardware solutions / Firmware ThinkPad L15 20U3 Hardware solutions / Firmware ThinkPad L15 20U4 Hardware solutions / Firmware ThinkPad L15 Gen 2 Type 20X3 20X4 Hardware solutions / Firmware ThinkPad P1 Gen 3 20TH Hardware solutions / Firmware ThinkPad P1 Gen 3 20TJ Hardware solutions / Firmware ThinkPad P1 Gen 4 20Y3 Hardware solutions / Firmware ThinkPad P1 Gen 4 20Y4 Hardware solutions / Firmware ThinkPad P1 Gen 5 21DC 21DD Hardware solutions / Firmware ThinkPad P14s Gen 3 21AK Hardware solutions / Firmware ThinkPad P14s Gen 3 21AL Hardware solutions / Firmware ThinkPad P15 Gen 1 20ST Hardware solutions / Firmware ThinkPad P15 Gen 1 20SU Hardware solutions / Firmware ThinkPad P15 Gen 2 20YQ s Hardware solutions / Firmware ThinkPad P15 Gen 2 20YR s Hardware solutions / Firmware 20TR P15v Gen 1 type (ThinkPad) Hardware solutions / Firmware ThinkPad P15v Gen 2 21A9 s Hardware solutions / Firmware ThinkPad P15v Gen 2 21AA s Hardware solutions / Firmware ThinkPad P16 Gen 1 21D6 Hardware solutions / Firmware ThinkPad P16 Gen 1 21D7 Hardware solutions / Firmware ThinkPad P16s Gen 1 21BT Hardware solutions / Firmware ThinkPad P16s Gen 1 21BU Hardware solutions / Firmware ThinkPad P17 Gen 1 20SN Hardware solutions / Firmware ThinkPad P17 Gen 1 20SQ Hardware solutions / Firmware ThinkPad P17 Gen 2 20YU s Hardware solutions / Firmware ThinkPad P17 Gen 2 20YV s Hardware solutions / Firmware ThinkPad T14 Gen 3 21AH Hardware solutions / Firmware ThinkPad T14 Gen 3 21AJ Hardware solutions / Firmware ThinkPad T14s 20T0 Hardware solutions / Firmware ThinkPad T14s 20T1 Hardware solutions / Firmware ThinkPad T14s Gen 2 20WM Hardware solutions / Firmware ThinkPad T14s Gen 2 20WN Hardware solutions / Firmware ThinkPad T15g Gen 1 20UR 20US Hardware solutions / Firmware ThinkPad T15g Gen 2 20YS Hardware solutions / Firmware ThinkPad T15g Gen 2 20YT Hardware solutions / Firmware ThinkPad T15p Gen 1 20TN 20TM Hardware solutions / Firmware ThinkPad T15p Gen 2 21A7 Hardware solutions / Firmware ThinkPad T15p Gen 2 21A8 Hardware solutions / Firmware ThinkPad T16 Gen 1 21BV Hardware solutions / Firmware ThinkPad T16 Gen 1 21BW Hardware solutions / Firmware ThinkPad X1 Carbon 10th Gen 21CB Hardware solutions / Firmware ThinkPad X1 Carbon 10th Gen 21CC Hardware solutions / Firmware ThinkPad X1 Carbon 7th Gen - 20QD Hardware solutions / Firmware ThinkPad X1 Carbon 7th Gen - 20QE Hardware solutions / Firmware ThinkPad X1 Carbon 7th Gen - 20R1 Hardware solutions / Firmware ThinkPad X1 Carbon 7th Gen - 20R2 Hardware solutions / Firmware ThinkPad X1 Carbon 8th Gen - 20U9 Hardware solutions / Firmware ThinkPad X1 Carbon 8th Gen - 20UA Hardware solutions / Firmware ThinkPad X1 Carbon 9th Gen 20XW Hardware solutions / Firmware ThinkPad X1 Carbon 9th Gen 20XX Hardware solutions / Firmware ThinkPad X1 Extreme 3rd Gen 20TK Hardware solutions / Firmware ThinkPad X1 Extreme 3rd Gen 20TL Hardware solutions / Firmware ThinkPad X1 Extreme 4th Gen 20Y5 Hardware solutions / Firmware ThinkPad X1 Extreme 4th Gen 20Y6 Hardware solutions / Firmware ThinkPad X1 Extreme Gen 5 21DE Hardware solutions / Firmware ThinkPad X1 Extreme Gen 5 21DF Hardware solutions / Firmware ThinkPad X1 Nano Gen 1 20UN 20UQ Hardware solutions / Firmware ThinkPad X1 Nano Gen 2 21E8 21E9 Hardware solutions / Firmware ThinkPad X1 Titanium 20QA Hardware solutions / Firmware ThinkPad X1 Titanium 20QB Hardware solutions / Firmware ThinkPad X1 Yoga 4th Gen 20QF Hardware solutions / Firmware ThinkPad X1 Yoga 4th Gen 20QG Hardware solutions / Firmware ThinkPad X1 Yoga 4th Gen 20SA Hardware solutions / Firmware ThinkPad X1 Yoga 4th Gen 20SB Hardware solutions / Firmware ThinkPad X1 Yoga 5th Gen 20UB Hardware solutions / Firmware ThinkPad X1 Yoga 5th Gen 20UC Hardware solutions / Firmware ThinkPad X1 Yoga 6th Gen 20XY Hardware solutions / Firmware ThinkPad X1 Yoga 6th Gen 20Y0 Hardware solutions / Firmware ThinkPad X1 Yoga 7th Gen 21CD Hardware solutions / Firmware ThinkPad X1 Yoga 7th Gen 21CE Hardware solutions / Firmware ThinkPad X13 20T2 Hardware solutions / Firmware ThinkPad X13 20T3 Hardware solutions / Firmware ThinkPad X13 Gen 2 20WK Hardware solutions / Firmware ThinkPad X13 Gen 2 20WL Hardware solutions / Firmware ThinkPad X13 Yoga Gen 1 Hardware solutions / Firmware ThinkPad X13 Yoga Gen 2 20W8 Hardware solutions / Firmware ThinkPad X13 Yoga Gen 2 20W9 Hardware solutions / Firmware ThinkPad X260 Hardware solutions / Firmware ThinkPad 25 20K7 Hardware solutions / Firmware ThinkPad L560 Hardware solutions / Firmware ThinkPad P50 Hardware solutions / Firmware ThinkPad P50s Hardware solutions / Firmware ThinkPad P70 Hardware solutions / Firmware ThinkPad T470 20HD Hardware solutions / Firmware ThinkPad T470 20HE Hardware solutions / Firmware ThinkPad T470 20JM Hardware solutions / Firmware ThinkPad T470 20JN Hardware solutions / Firmware ThinkPad T470s 20HF Hardware solutions / Firmware ThinkPad T470s 20HG Hardware solutions / Firmware ThinkPad T470s 20JS Hardware solutions / Firmware ThinkPad T470s 20JT Hardware solutions / Firmware ThinkPad T560 Hardware solutions / Firmware ThinkPad X1 Carbon 4th Gen 20FB Hardware solutions / Firmware ThinkPad X1 Carbon 4th Gen 20FC Hardware solutions / Firmware ThinkPad X1 Yoga 1st Gen 20FQ Hardware solutions / Firmware ThinkPad X1 Yoga 1st Gen 20FR Hardware solutions / Firmware ThinkPad X270 20HN Hardware solutions / Firmware ThinkPad X270 20HM Hardware solutions / Firmware ThinkPad X270 20K6 Hardware solutions / Firmware ThinkPad X270 20K5 Hardware solutions / Firmware ThinkPad Yoga 260 Hardware solutions / Firmware ThinkPad L13 Gen 2 20VH s Hardware solutions / Firmware ThinkPad L13 Gen 2 20VJ s Hardware solutions / Firmware ThinkPad L13 Gen 3 21B3 Hardware solutions / Firmware ThinkPad L13 Gen 3 21B4 Hardware solutions / Firmware ThinkPad L13 Yoga Gen 2 20VL s Hardware solutions / Firmware ThinkPad L13 Yoga Gen 2 20VK s Hardware solutions / Firmware ThinkPad L13 Yoga Gen 3 21B5 Hardware solutions / Firmware ThinkPad L13 Yoga Gen 3 21B6 Hardware solutions / Firmware ThinkPad L14 Gen 3 21C1 s Hardware solutions / Firmware ThinkPad L14 Gen 3 21C2 s Hardware solutions / Firmware ThinkPad L15 Gen 3 21C3 s Hardware solutions / Firmware ThinkPad L15 Gen 3 21C4 s Hardware solutions / Firmware ThinkPad P15v Gen 3 21EN 21EM Hardware solutions / Firmware ThinkPad P43s 20RH Hardware solutions / Firmware ThinkPad P43s 20RJ Hardware solutions / Firmware ThinkPad P53s 20N6 Hardware solutions / Firmware ThinkPad P53s 20N7 Hardware solutions / Firmware ThinkPad T490 20N2 Hardware solutions / Firmware ThinkPad T490 20N3 Hardware solutions / Firmware ThinkPad T490 20RY Hardware solutions / Firmware ThinkPad T490 20RX Hardware solutions / Firmware ThinkPad T490 Type 20Q9 Hardware solutions / Firmware 20QH Hardware solutions / Firmware ThinkPad T590 20N4 Hardware solutions / Firmware ThinkPad T590 20N5 Hardware solutions / Firmware ThinkPad S2 Gen 6 Type 20VM China Only Hardware solutions / Firmware ThinkPad S2 Yoga Gen 6 Type 20VN China Only Hardware solutions / Firmware X13 Yoga Gen 3 21AW (ThinkPad Hardware solutions / Firmware X13 Yoga Gen 3 21AX (ThinkPad Hardware solutions / Firmware ThinkPad Z13 Gen 1 21D2 Hardware solutions / Firmware ThinkPad Z13 Gen 1 21D3 Hardware solutions / Firmware ThinkPad Z16 Gen 1 21D4 Hardware solutions / Firmware ThinkPad Z16 Gen 1 21D5 Hardware solutions / Firmware ThinkPad E14 20RA Hardware solutions / Firmware ThinkPad E14 20RB Hardware solutions / Firmware ThinkPad E14 Gen 2 20TA Hardware solutions / Firmware ThinkPad E14 Gen 2 20TB Hardware solutions / Firmware ThinkPad E14 Gen 4 21E3 s Hardware solutions / Firmware ThinkPad E14 Gen 4 21E4 s Hardware solutions / Firmware ThinkPad E15 20RD Hardware solutions / Firmware ThinkPad E15 20RE Hardware solutions / Firmware ThinkPad E15 Gen 2 20TD Hardware solutions / Firmware ThinkPad E15 Gen 2 20TE Hardware solutions / Firmware ThinkPad E15 Gen 4 21E6 21E7 s Hardware solutions / Firmware ThinkPad E490 20N8 Hardware solutions / Firmware ThinkPad E490 20N9 Hardware solutions / Firmware ThinkPad E490s 20NG Hardware solutions / Firmware ThinkPad E590 20NB Hardware solutions / Firmware ThinkPad E590 20NC Hardware solutions / Firmware ThinkPad L490 20Q5 s Hardware solutions / Firmware ThinkPad L490 20Q6 s Hardware solutions / Firmware ThinkPad L590 20Q7 s Hardware solutions / Firmware ThinkPad L590 20Q8 s Hardware solutions / Firmware ThinkPad P1 Gen 2 20QT Hardware solutions / Firmware ThinkPad P1 Gen 2 20QU Hardware solutions / Firmware ThinkPad P53 20QN Hardware solutions / Firmware ThinkPad P53 20QQ Hardware solutions / Firmware Thinkpad P73 20QR Hardware solutions / Firmware Thinkpad P73 20QS Hardware solutions / Firmware ThinkPad T490s 20NX Hardware solutions / Firmware ThinkPad T490s 20NY Hardware solutions / Firmware ThinkPad R14 Gen 2 Type 20TC PRC Hardware solutions / Firmware ThinkPad R14 Gen 4 Types 21E5 PRC only Hardware solutions / Firmware ThinkPad S3 2nd Gen type 20RG China only Hardware solutions / Firmware ThinkPad X1 Extreme 2nd Gen 20QV Hardware solutions / Firmware ThinkPad X1 Extreme 2nd Gen 20QW Hardware solutions / Firmware ThinkPad X12 Detachable Gen 1 20UW Hardware solutions / Firmware ThinkPad X12 Detachable Gen 1 20UV Hardware solutions / Firmware ThinkPad X390 20Q0 Hardware solutions / Firmware ThinkPad X390 20Q1 Hardware solutions / Firmware ThinkPad X390 20SC Hardware solutions / Firmware ThinkPad X390 20SD Hardware solutions / Firmware ThinkPad X390 Yoga Hardware solutions / Firmware |
Vendor | Lenovo |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU73729
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3728
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in the BIOS tamper detection mechanism. A local user can bypass implemented security restrictions and execute arbitrary code on the system.
Install updates from vendor's website.
Vulnerable software versionsThinkPad T14s Gen 3 21CQ 21CR: before R22ET55W
ThinkPad X13 Gen 3 21CM 21CN: before R22ET55W
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73730
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48182
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in the BIOS tamper detection mechanism. A local user can bypass implemented security restrictions and execute arbitrary code on the system. MitigationInstall updates from vendor's website.
Vulnerable software versionsThinkPad T14s Gen 3 21BR 21BS: All versions
ThinkPad X13 Gen 3 21BN 21BQ: All versions
ThinkPad T14s Gen 3 21CQ 21CR: before R22ET60W
ThinkPad X13 Gen 3 21CM 21CN: before R22ET60W
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73731
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48183
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in the BIOS tamper detection mechanism. A local user can bypass implemented security restrictions and execute arbitrary code on the system. MitigationInstall updates from vendor's website.
Vulnerable software versionsThinkPad T14s Gen 3 21BR 21BS: All versions
ThinkPad X13 Gen 3 21BN 21BQ: All versions
ThinkPad T14s Gen 3 21CQ 21CR: before R22ET60W
ThinkPad X13 Gen 3 21CM 21CN: before R22ET60W
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73732
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-4573
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the SMI handler. A local user can execute arbitrary code on the target system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsThinkPad X1 Fold Gen 1 20RK: All versions
ThinkPad X1 Fold Gen 1 20RL: All versions
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73733
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-4574
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versions20TQ: All versions
ThinkPad P14s Gen 1 20S4: All versions
ThinkPad P14s Gen 1 20S5: All versions
ThinkPad P14s Gen 2 20VX: All versions
ThinkPad P14s Gen 2 20VY: All versions
ThinkPad P15s Gen 1 20T4 20T5: All versions
ThinkPad P15s Gen 2 20W6: All versions
ThinkPad P15s Gen 2 20W7: All versions
ThinkPad P15v Gen 3 21D8 21D9: All versions
ThinkPad T14 Gen 1 20S0: All versions
ThinkPad T14 Gen 1 20S1: All versions
ThinkPad T14 Gen 1 20S2: All versions
ThinkPad T14 Gen 1 20S3: All versions
ThinkPad T14 Gen 2 20W0: All versions
ThinkPad T14 Gen 2 20W1: All versions
ThinkPad T15 20S6: All versions
ThinkPad T15 20S7: All versions
ThinkPad T15 Gen 2 20W4: All versions
ThinkPad T15 Gen 2 20W5: All versions
ThinkPad T15p Gen 3 21DA 21DB: All versions
ThinkPad X1 Fold Gen 1 20RK: All versions
ThinkPad X1 Fold Gen 1 20RL: All versions
ThinkPad L14 20U1 s: before R17UJ16W.EXE(R17ET36W)
ThinkPad L14 20U2 s: before R17UJ16W.EXE(R17ET36W)
ThinkPad L14 Gen 2 Type 20X1 20X2 s: before R1JET61W
ThinkPad L15 20U3: before R17UJ16W.EXE(R17ET36W)
ThinkPad L15 20U4: before R17UJ16W.EXE(R17ET36W)
ThinkPad L15 Gen 2 Type 20X3 20X4: before R1JET61W
ThinkPad P1 Gen 3 20TH: before N2VET41W
ThinkPad P1 Gen 3 20TJ: before N2VET41W
ThinkPad P1 Gen 4 20Y3: before N40ET39W
ThinkPad P1 Gen 4 20Y4: before N40ET39W
ThinkPad P1 Gen 5 21DC 21DD: before N3JET27W
ThinkPad P14s Gen 3 21AK: before N3BUJ09W (N3BET53W)
ThinkPad P14s Gen 3 21AL: before N3BUJ09W (N3BET53W)
ThinkPad P15 Gen 1 20ST: before N30UJ16W (N30ET49W)
ThinkPad P15 Gen 1 20SU: before N30UJ16W (N30ET49W)
ThinkPad P15 Gen 2 20YQ s: before N37UJ12W (N37ET44W)
ThinkPad P15 Gen 2 20YR s: before N37UJ12W (N37ET44W)
20TR P15v Gen 1 type (ThinkPad): before N30UJ16W (N30ET49W)
ThinkPad P15v Gen 2 21A9 s: before N38UJ08W (N38ET36W)
ThinkPad P15v Gen 2 21AA s: before N38UJ08W (N38ET36W)
ThinkPad P16 Gen 1 21D6: before N3FUJ07W (N3FET32W)
ThinkPad P16 Gen 1 21D7: before N3FUJ07W (N3FET32W)
ThinkPad P16s Gen 1 21BT: before N3BUJ09W (N3BET53W)
ThinkPad P16s Gen 1 21BU: before N3BUJ09W (N3BET53W)
ThinkPad P17 Gen 1 20SN: before N30UJ16W (N30ET49W)
ThinkPad P17 Gen 1 20SQ: before N30UJ16W (N30ET49W)
ThinkPad P17 Gen 2 20YU s: before N37UJ12W (N37ET44W)
ThinkPad P17 Gen 2 20YV s: before N37UJ12W (N37ET44W)
ThinkPad T14 Gen 3 21AH: before N3BUJ09W (N3BET53W)
ThinkPad T14 Gen 3 21AJ: before N3BUJ09W (N3BET53W)
ThinkPad T14s 20T0: before N2YET37W
ThinkPad T14s 20T1: before N2YET37W
ThinkPad T14s Gen 2 20WM: before N35UJ14W (N35ET52W)
ThinkPad T14s Gen 2 20WN: before N35UJ14W (N35ET52W)
ThinkPad T14s Gen 3 21BR 21BS: before N3CUR07W (N3CET52W)
ThinkPad T15g Gen 1 20UR 20US: before N30UJ16W (N30ET49W)
ThinkPad T15g Gen 2 20YS: before N37UJ12W (N37ET44W)
ThinkPad T15g Gen 2 20YT: before N37UJ12W (N37ET44W)
ThinkPad T15p Gen 1 20TN 20TM: before N30UJ16W (N30ET49W)
ThinkPad T15p Gen 2 21A7: before N38UJ08W (N38ET36W)
ThinkPad T15p Gen 2 21A8: before N38UJ08W (N38ET36W)
ThinkPad T16 Gen 1 21BV: before N3BUJ09W (N3BET53W)
ThinkPad T16 Gen 1 21BW: before N3BUJ09W (N3BET53W)
ThinkPad X1 Carbon 10th Gen 21CB: before N3AUJ13W.exe (N3AET66W)
ThinkPad X1 Carbon 10th Gen 21CC: before N3AUJ13W.exe (N3AET66W)
ThinkPad X1 Carbon 7th Gen - 20QD: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Carbon 7th Gen - 20QE: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Carbon 7th Gen - 20R1: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Carbon 7th Gen - 20R2: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Carbon 8th Gen - 20U9: before N2WUJ26W (N2WET40W)
ThinkPad X1 Carbon 8th Gen - 20UA: before N2WUJ26W (N2WET40W)
ThinkPad X1 Carbon 9th Gen 20XW: before N32UJ19W.exe (N32ET81W)
ThinkPad X1 Carbon 9th Gen 20XX: before N32UJ19W.exe (N32ET81W)
ThinkPad X1 Extreme 3rd Gen 20TK: before N2VET41W
ThinkPad X1 Extreme 3rd Gen 20TL: before N2VET41W
ThinkPad X1 Extreme 4th Gen 20Y5: before N40ET39W
ThinkPad X1 Extreme 4th Gen 20Y6: before N40ET39W
ThinkPad X1 Extreme Gen 5 21DE: before N3JET27W
ThinkPad X1 Extreme Gen 5 21DF: before N3JET27W
ThinkPad X1 Nano Gen 1 20UN 20UQ: before N2TUJ20W.exe (N2TET76W)
ThinkPad X1 Nano Gen 2 21E8 21E9: before N3IET36W
ThinkPad X1 Titanium 20QA: before N2MUJ15W.exe (N2MET58W)
ThinkPad X1 Titanium 20QB: before N2MUJ15W.exe (N2MET58W)
ThinkPad X1 Yoga 4th Gen 20QF: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Yoga 4th Gen 20QG: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Yoga 4th Gen 20SA: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Yoga 4th Gen 20SB: before N2HUJ48W.exe (N2QET50W)
ThinkPad X1 Yoga 5th Gen 20UB: before N2WUJ26W (N2WET40W)
ThinkPad X1 Yoga 5th Gen 20UC: before N2WUJ26W (N2WET40W)
ThinkPad X1 Yoga 6th Gen 20XY: before N32UJ19W.exe (N32ET81W)
ThinkPad X1 Yoga 6th Gen 20Y0: before N32UJ19W.exe (N32ET81W)
ThinkPad X1 Yoga 7th Gen 21CD: before N3AUJ13W.exe (N3AET66W)
ThinkPad X1 Yoga 7th Gen 21CE: before N3AUJ13W.exe (N3AET66W)
ThinkPad X13 20T2: before N2YET37W
ThinkPad X13 20T3: before N2YET37W
ThinkPad X13 Gen 2 20WK: before N35UJ14W (N35ET52W)
ThinkPad X13 Gen 2 20WL: before N35UJ14W (N35ET52W)
ThinkPad X13 Gen 3 21BN 21BQ: before N3CUR07W (N3CET52W)
ThinkPad X13 Yoga Gen 1: before N2UET64W
ThinkPad X13 Yoga Gen 2 20W8: before N39ET60W
ThinkPad X13 Yoga Gen 2 20W9: before N39ET60W
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73734
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-4575
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists due to improper write protection of UEFI variables. An attacker with physical access to device can bypass the Secure Boot mechanism and compromise the affected system. MitigationInstall updates from vendor's website.
Vulnerable software versionsThinkPad X260: All versions
ThinkPad 25 20K7: before N1QET98W
ThinkPad L560: before N1HUJ45W.exe(N1HET98W)
ThinkPad P50: before N1EET98W
ThinkPad P50s: before N1KUJ35W.exe(N1KET58W)
ThinkPad P70: before N1DETB9W
ThinkPad T470 20HD: before N1QET98W
ThinkPad T470 20HE: before N1QET98W
ThinkPad T470 20JM: before N1QET98W
ThinkPad T470 20JN: before N1QET98W
ThinkPad T470s 20HF: before N1WET70W
ThinkPad T470s 20HG: before N1WET70W
ThinkPad T470s 20JS: before N1WET70W
ThinkPad T470s 20JT: before N1WET70W
ThinkPad T560: before N1KUJ35W.exe(N1KET58W)
ThinkPad X1 Carbon 4th Gen 20FB: before N1FUJ49W.exe(N1FET82W)
ThinkPad X1 Carbon 4th Gen 20FC: before N1FUJ49W.exe(N1FET82W)
ThinkPad X1 Yoga 1st Gen 20FQ: before N1FUJ49W.exe(N1FET82W)
ThinkPad X1 Yoga 1st Gen 20FR: before N1FUJ49W.exe(N1FET82W)
ThinkPad X270 20HN: before R0IET69W
ThinkPad X270 20HM: before R0IET69W
ThinkPad X270 20K6: before R0IET69W
ThinkPad X270 20K5: before R0IET69W
ThinkPad Yoga 260: before N1GUJ43W.exe (N1GETA9W)
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73735
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48189
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the SMM driver. A local user can execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Vulnerable software versions20TQ: All versions
ThinkPad L13 Gen 2 20VH s: All versions
ThinkPad L13 Gen 2 20VJ s: All versions
ThinkPad L13 Gen 3 21B3: All versions
ThinkPad L13 Gen 3 21B4: All versions
ThinkPad L13 Yoga Gen 2 20VL s: All versions
ThinkPad L13 Yoga Gen 2 20VK s: All versions
ThinkPad L13 Yoga Gen 3 21B5: All versions
ThinkPad L13 Yoga Gen 3 21B6: All versions
ThinkPad L14 Gen 3 21C1 s: All versions
ThinkPad L14 Gen 3 21C2 s: All versions
ThinkPad L15 Gen 3 21C3 s: All versions
ThinkPad L15 Gen 3 21C4 s: All versions
ThinkPad P1 Gen 4 20Y3: All versions
ThinkPad P1 Gen 4 20Y4: All versions
ThinkPad P14s Gen 1 20S4: All versions
ThinkPad P14s Gen 1 20S5: All versions
ThinkPad P14s Gen 2 20VX: All versions
ThinkPad P14s Gen 2 20VY: All versions
ThinkPad P15s Gen 1 20T4 20T5: All versions
ThinkPad P15s Gen 2 20W6: All versions
ThinkPad P15s Gen 2 20W7: All versions
ThinkPad P15v Gen 3 21D8 21D9: All versions
ThinkPad P15v Gen 3 21EN 21EM: All versions
ThinkPad P43s 20RH: All versions
ThinkPad P43s 20RJ: All versions
ThinkPad P53s 20N6: All versions
ThinkPad P53s 20N7: All versions
ThinkPad T14 Gen 1 20S0: All versions
ThinkPad T14 Gen 1 20S1: All versions
ThinkPad T14 Gen 1 20S2: All versions
ThinkPad T14 Gen 1 20S3: All versions
ThinkPad T14 Gen 2 20W0: All versions
ThinkPad T14 Gen 2 20W1: All versions
ThinkPad T15 20S6: All versions
ThinkPad T15 20S7: All versions
ThinkPad T15 Gen 2 20W4: All versions
ThinkPad T15 Gen 2 20W5: All versions
ThinkPad T15p Gen 3 21DA 21DB: All versions
ThinkPad T490 20N2: All versions
ThinkPad T490 20N3: All versions
ThinkPad T490 20RY: All versions
ThinkPad T490 20RX: All versions
ThinkPad T490 Type 20Q9: All versions
20QH: All versions
ThinkPad T590 20N4: All versions
ThinkPad T590 20N5: All versions
ThinkPad S2 Gen 6 Type 20VM China Only: All versions
ThinkPad S2 Yoga Gen 6 Type 20VN China Only: All versions
ThinkPad X1 Extreme 4th Gen 20Y5: All versions
ThinkPad X1 Extreme 4th Gen 20Y6: All versions
ThinkPad X1 Fold Gen 1 20RK: All versions
ThinkPad X1 Fold Gen 1 20RL: All versions
X13 Yoga Gen 3 21AW (ThinkPad: All versions
X13 Yoga Gen 3 21AX (ThinkPad: All versions
ThinkPad Z13 Gen 1 21D2: All versions
ThinkPad Z13 Gen 1 21D3: All versions
ThinkPad Z16 Gen 1 21D4: All versions
ThinkPad Z16 Gen 1 21D5: All versions
ThinkPad E14 20RA: before R16UJ20W.EXE(R16ET37W)
ThinkPad E14 20RB: before R16UJ20W.EXE(R16ET37W)
ThinkPad E14 Gen 2 20TA: before R1EET55W
ThinkPad E14 Gen 2 20TB: before R1EET55W
ThinkPad E14 Gen 4 21E3 s: before R1SET46W
ThinkPad E14 Gen 4 21E4 s: before R1SET46W
ThinkPad E15 20RD: before R16UJ20W.EXE(R16ET37W)
ThinkPad E15 20RE: before R16UJ20W.EXE(R16ET37W)
ThinkPad E15 Gen 2 20TD: before R1EET55W
ThinkPad E15 Gen 2 20TE: before R1EET55W
ThinkPad E15 Gen 4 21E6 21E7 s: before R1SET46W
ThinkPad E490 20N8: before R0YET51W
ThinkPad E490 20N9: before R0YET51W
ThinkPad E490s 20NG: before R0YET51W
ThinkPad E590 20NB: before R0YET51W
ThinkPad E590 20NC: before R0YET51W
ThinkPad L14 20U1 s: before R17UJ16W.EXE(R17ET36W)
ThinkPad L14 20U2 s: before R17UJ16W.EXE(R17ET36W)
ThinkPad L14 Gen 2 Type 20X1 20X2 s: before R1JET61W
ThinkPad L15 20U3: before R17UJ16W.EXE(R17ET36W)
ThinkPad L15 20U4: before R17UJ16W.EXE(R17ET36W)
ThinkPad L15 Gen 2 Type 20X3 20X4: before R1JET61W
ThinkPad L490 20Q5 s: before R0ZET54W
ThinkPad L490 20Q6 s: before R0ZET54W
ThinkPad L590 20Q7 s: before R0ZET54W
ThinkPad L590 20Q8 s: before R0ZET54W
ThinkPad P1 Gen 2 20QT: before N2OUJ28W.exe(N2OET59W)
ThinkPad P1 Gen 2 20QU: before N2OUJ28W.exe(N2OET59W)
ThinkPad P1 Gen 3 20TH: before N2VUJ23W.exe(N2VET42W)
ThinkPad P1 Gen 3 20TJ: before N2VUJ23W.exe(N2VET42W)
ThinkPad P1 Gen 5 21DC 21DD: before N3JUJ09W.exe(N3JET30W)
ThinkPad P14s Gen 3 21AK: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad P14s Gen 3 21AL: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad P15 Gen 1 20ST: before N30UJ16W (N30ET49W)
ThinkPad P15 Gen 1 20SU: before N30UJ16W (N30ET49W)
ThinkPad P15 Gen 2 20YQ s: before N37UJ12W (N37ET44W)
ThinkPad P15 Gen 2 20YR s: before N37UJ12W (N37ET44W)
20TR P15v Gen 1 type (ThinkPad): before N30UJ16W (N30ET49W)
ThinkPad P15v Gen 2 21A9 s: before N38UJ09W (N38ET37W)
ThinkPad P15v Gen 2 21AA s: before N38UJ09W (N38ET37W)
ThinkPad P16 Gen 1 21D6: before N3FUJ07W (N3FET32W)
ThinkPad P16 Gen 1 21D7: before N3FUJ07W (N3FET32W)
ThinkPad P16s Gen 1 21BT: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad P16s Gen 1 21BU: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad P17 Gen 1 20SN: before N30UJ16W (N30ET49W)
ThinkPad P17 Gen 1 20SQ: before N30UJ16W (N30ET49W)
ThinkPad P17 Gen 2 20YU s: before N37UJ12W (N37ET44W)
ThinkPad P17 Gen 2 20YV s: before N37UJ12W (N37ET44W)
ThinkPad P53 20QN: before N2NUJ24W (N2NET55W)
ThinkPad P53 20QQ: before N2NUJ24W (N2NET55W)
Thinkpad P73 20QR: before N2NUJ24W (N2NET55W)
Thinkpad P73 20QS: before N2NUJ24W (N2NET55W)
ThinkPad T14 Gen 3 21AH: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad T14 Gen 3 21AJ: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad T14s 20T0: before N2YET37W
ThinkPad T14s 20T1: before N2YET37W
ThinkPad T14s Gen 2 20WM: before N35UJ13W (N35ET51W)
ThinkPad T14s Gen 2 20WN: before N35UJ13W (N35ET51W)
ThinkPad T14s Gen 3 21BR 21BS: before N3CUR07W (N3CET52W)
ThinkPad T15g Gen 1 20UR 20US: before N30UJ16W (N30ET49W)
ThinkPad T15g Gen 2 20YS: before N37UJ12W (N37ET44W)
ThinkPad T15g Gen 2 20YT: before N37UJ12W (N37ET44W)
ThinkPad T15p Gen 1 20TN 20TM: before N30UJ16W (N30ET49W)
ThinkPad T15p Gen 2 21A7: before N38UJ09W (N38ET37W)
ThinkPad T15p Gen 2 21A8: before N38UJ09W (N38ET37W)
ThinkPad T16 Gen 1 21BV: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad T16 Gen 1 21BW: before N3BUJ09W/N3BUJ09W (N3BET53W/N3MET12W)
ThinkPad T490s 20NX: before N2JUJ38W (N2JETA1W)
ThinkPad T490s 20NY: before N2JUJ38W (N2JETA1W)
ThinkPad R14 Gen 2 Type 20TC PRC: before R1EET55W
ThinkPad R14 Gen 4 Types 21E5 PRC only: before R1SET46W
ThinkPad S3 2nd Gen type 20RG China only: before R16UJ20W.EXE(R16ET37W)
ThinkPad X1 Carbon 10th Gen 21CB: before N3AUJ17W.exe (N3AET71W)
ThinkPad X1 Carbon 10th Gen 21CC: before N3AUJ17W.exe (N3AET71W)
ThinkPad X1 Carbon 7th Gen - 20QD: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Carbon 7th Gen - 20QE: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Carbon 7th Gen - 20R1: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Carbon 7th Gen - 20R2: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Carbon 8th Gen - 20U9: before N2WUJ26W (N2WET40W)
ThinkPad X1 Carbon 8th Gen - 20UA: before N2WUJ26W (N2WET40W)
ThinkPad X1 Carbon 9th Gen 20XW: before N32UJ20W.exe (N32ET82W)
ThinkPad X1 Carbon 9th Gen 20XX: before N32UJ20W.exe (N32ET82W)
ThinkPad X1 Extreme 2nd Gen 20QV: before N2OUJ28W.exe(N2OET59W)
ThinkPad X1 Extreme 2nd Gen 20QW: before N2OUJ28W.exe(N2OET59W)
ThinkPad X1 Extreme 3rd Gen 20TK: before N2VUJ23W.exe(N2VET42W)
ThinkPad X1 Extreme 3rd Gen 20TL: before N2VUJ23W.exe(N2VET42W)
ThinkPad X1 Extreme Gen 5 21DE: before N3JUJ09W.exe(N3JET30W)
ThinkPad X1 Extreme Gen 5 21DF: before N3JUJ09W.exe(N3JET30W)
ThinkPad X1 Nano Gen 1 20UN 20UQ: before N2TUJ20W.exe (N2TET77W)
ThinkPad X1 Nano Gen 2 21E8 21E9: before N3IUJ10W.exe(N3IET38W)
ThinkPad X1 Titanium 20QA: before N2MUJ16W (N2MET59W)
ThinkPad X1 Titanium 20QB: before N2MUJ16W (N2MET59W)
ThinkPad X1 Yoga 4th Gen 20QF: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Yoga 4th Gen 20QG: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Yoga 4th Gen 20SA: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Yoga 4th Gen 20SB: before N2HUJ49W.exe (N2HET73W)
ThinkPad X1 Yoga 5th Gen 20UB: before N2WUJ26W (N2WET40W)
ThinkPad X1 Yoga 5th Gen 20UC: before N2WUJ26W (N2WET40W)
ThinkPad X1 Yoga 6th Gen 20XY: before N32UJ20W.exe (N32ET82W)
ThinkPad X1 Yoga 6th Gen 20Y0: before N32UJ20W.exe (N32ET82W)
ThinkPad X1 Yoga 7th Gen 21CD: before N3AUJ17W.exe (N3AET71W)
ThinkPad X1 Yoga 7th Gen 21CE: before N3AUJ17W.exe (N3AET71W)
ThinkPad X12 Detachable Gen 1 20UW: before R1GUJ15W.exe(R1GET53W)
ThinkPad X12 Detachable Gen 1 20UV: before R1GUJ15W.exe(R1GET53W)
ThinkPad X13 20T2: before N2YET37W
ThinkPad X13 20T3: before N2YET37W
ThinkPad X13 Gen 2 20WK: before N35UJ13W (N35ET51W)
ThinkPad X13 Gen 2 20WL: before N35UJ13W (N35ET51W)
ThinkPad X13 Gen 3 21BN 21BQ: before N3CUR07W (N3CET52W)
ThinkPad X13 Yoga Gen 1: before N2UUJ26W.exe(N2UET65W)
ThinkPad X13 Yoga Gen 2 20W8: before N39UJ18W.exe(N39ET61W)
ThinkPad X13 Yoga Gen 2 20W9: before N39UJ18W.exe(N39ET61W)
ThinkPad X390 20Q0: before N2JUJ38W (N2JETA1W)
ThinkPad X390 20Q1: before N2JUJ38W (N2JETA1W)
ThinkPad X390 20SC: before N2JUJ38W (N2JETA1W)
ThinkPad X390 20SD: before N2JUJ38W (N2JETA1W)
ThinkPad X390 Yoga: before N2LUJ32W.exe(N2LET95W)
External linkshttp://support.lenovo.com/us/en/product_security/LEN-106014
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.