Buffer overflow in Lenovo Hardware solutions

#VU75028 Buffer overflow in Lenovo Hardware solutions

Published: 2023-04-12

Vulnerability identifier: #VU75028

Vulnerability risk: Low

CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-24350

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vendor: Lenovo

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

The vendor plans to release patches in August 2023.

Vulnerable software versions

ideapad D330-10IGL: All versions

IdeaPad 1 14IAU7: All versions

IdeaPad 1 15IAU7: All versions

IdeaPad 3 14IAU7: All versions

IdeaPad 3 15IAU7: All versions

IdeaPad 3 17IAU7: All versions

IdeaPad 3-14ARE05: All versions

IdeaPad 3-15ARE05: All versions

IdeaPad 3-17ARE05: All versions

IdeaPad 3-17ITL6: All versions

IdeaPad 5 14IAL7: All versions

IdeaPad 5 15IAL7: All versions

IdeaPad 5 Pro 14IAP7: All versions

IdeaPad 5 Pro 16IAH7: All versions

IdeaPad 5-14ITL05: All versions

IdeaPad Duet 3 10IGL5: All versions

IdeaPad Duet 5 12IAU7: All versions

IdeaPad Gaming 3 15IAH7: All versions

IdeaPad Gaming 3 16IAH7: All versions

IdeaPad Gaming 3-15IHU6: All versions

ideapad L3-15ITL6: All versions

Lenovo Legion 5 15IAH7: All versions

Lenovo Legion 5 15IAH7H: All versions

Lenovo Legion 5 Pro 16IA H7: All versions

Lenovo Legion 5 Pro 16IAH7H: All versions

Lenovo Legion 5 Pro-16ITH6: All versions

Lenovo Legion 5 Pro-16ITH6H: All versions

Lenovo Legion 5-15ITH6: All versions

Lenovo Legion 5-15ITH6H: All versions

Lenovo Legion 5-17ITH6: All versions

Lenovo Legion 5-17ITH6H: All versions

Legion 7 16IAX7: All versions

Lenovo Legion 7-16ITHg6: All versions

Lenovo Legion S7 16IAH7: All versions

Lenovo S14 G2 ITL: All versions

Lenovo S14 G3 IAP: All versions

Lenovo Slim 7 14IAP7: All versions

Lenovo Slim 7 14IRP8: All versions

Lenovo Slim 7 Carbon 13IAP7: All versions

Lenovo Slim 7 Carbon 13IRP8: All versions

Lenovo Slim 7 ProX 14IAH7: All versions

Lenovo Slim 9 14IAP7: All versions

Lenovo V14 G3 IAP: All versions

Lenovo V15 G3 IAP: All versions

Lenovo V17 G3 IAP: All versions

ideapad S540-13ARE: All versions

ideapad S540-13ITL: All versions

Lenovo Slim 7 16IAH7: All versions

IdeaPad Slim 7 Pro-14IHU5: All versions

ideapad Slim 7-14ARE05: All versions

ideapad Slim 7-14ITL05: All versions

ideapad Slim 7-15ITL05: All versions

ThinkBook 13x ITG: All versions

ThinkBook 14 G2 ITL: All versions

ThinkBook 14 G3 ITL: All versions

ThinkBook 14 G4 IAP: All versions

ThinkBook 14 G4+ IAP: All versions

ThinkBook 14s Yoga G2 IAP: All versions

ThinkBook 14s Yoga ITL: All versions

ThinkBook 15 G2 ITL: All versions

ThinkBook 15 G3 ITL: All versions

ThinkBook 15 G4 IAP: All versions

ThinkBook 15P G2 ITH: All versions

ThinkBook 16 G4+ IAP: All versions

ThinkBook Plus G2 ITG: All versions

ThinkBook Plus G3 IAP: All versions

Lenovo V14 G2-ITL: All versions

Len ovo V14-ARE: All versions

Lenovo V15 G2-ITL: All versions

Lenovo V17 G2-ITL: All versions

Yoga 7 14IAL7: All versions

Yoga 7 16IAH7: All versions

IdeaPad Yoga 7 16IAP7: All versions

ideapad Yoga 7-14ITL5: All versions

ideapad Yoga 7-15ITL5: All versions

IdeaPad Yoga 9 14IAP7: All versions

Yoga 9 14IRP8: All versions

Yoga Duet 7-13IML05: All versions

Yoga Duet 7-13ITL6: All versions

Yoga Duet 7-13ITL6-L TE: All versions

Yoga Slim 6 14IAP8: All versions

Yoga Slim 6 14IRP8: All versions

Yoga Slim 7 Carbon 13IAP7: All versions

Yoga Slim 7 Carbon 13IRP8: All versions

ideapad Yoga Slim 7 Carbon 13ITL5: All versions

Yoga Slim 7 Pro 14IAH7: All versions

IdeaPad Yoga Slim 7 Pro 14IAP7: All versions

IdeaPad Yoga Slim 7 Pro 16IAH7: All versions

ideapad Yoga Slim 7 Pro-1 4IHU5: All versions

ideapad Yoga Slim 7 Pro-14IHU5 O: All versions

ideapad Yoga Slim 7 Pro-14ITL5: All versions

Yoga Slim 7 ProX 14IAH7: All versions

ideapad Yoga Slim 7-13ITL05: All versions

ideapad Yoga Slim 7-14ARE05: All versions

ideapad Yoga Slim 7-14ITL05: All versions

ideapad Yoga Slim 7-15ITL05: All versions

Yoga Slim 9 14IAP7: All versions

ideapad 3-14 ITL05: All versions

ideapad 3-14ITL6: All versions

ideapad 3-15ITL05: All versions

ideapad 3-15ITL6: All versions

ideapad 5 Pro-14ITL6: All versions

ideapad 5 Pro-16IHU6: All versions

ideapad 5-15ARE05: All versions

External links
http://support.lenovo.com/us/en/product_security/LEN-115634

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Siemens RUGGEDCOM APE1808 Product Family

Multiple vulnerabilities in Dell Client Platform

Multiple vulnerabilities in Lenovo Insyde BIOS firmware