CVE-2022-3728
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
Se informó una vulnerabilidad en ThinkPad T14s Gen 3 y X13 Gen3 que podría causar que el mecanismo de detección de manipulación del BIOS no se active en circunstancias específicas que podrían permitir el acceso no autorizado.
*Credits:
Lenovo thanks Zoltan Harmath for reporting this vulnerability.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-10-27 CVE Reserved
- 2023-10-09 CVE Published
- 2023-10-13 EPSS Updated
- 2024-09-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1263: Improper Physical Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-106014 | 2023-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Thinkpad T14s Gen 3 Firmware Search vendor "Lenovo" for product "Thinkpad T14s Gen 3 Firmware" | < 1.30 Search vendor "Lenovo" for product "Thinkpad T14s Gen 3 Firmware" and version " < 1.30" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad T14s Gen 3 Search vendor "Lenovo" for product "Thinkpad T14s Gen 3" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkpad X13 Gen 3 Firmware Search vendor "Lenovo" for product "Thinkpad X13 Gen 3 Firmware" | < 1.30 Search vendor "Lenovo" for product "Thinkpad X13 Gen 3 Firmware" and version " < 1.30" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad X13 Gen 3 Search vendor "Lenovo" for product "Thinkpad X13 Gen 3" | - | - |
Safe
|