CVE-2022-4575

 

Severity Score

6.7
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models that could allow an attacker with physical or local access and elevated privileges to bypass Secure Boot.

*Credits: Lenovo thanks Krzysztof Okupski from IOActive for reporting this issue.
CVSS Scores
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-12-16 CVE Reserved
  • 2023-10-30 CVE Published
  • 2023-11-01 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-276: Incorrect Default Permissions
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Lenovo | Thinkpad 25 Firmware | < 1.73 | - | Affected |
| in Lenovo | Thinkpad 25 | - | - | Safe |
| Lenovo | Thinkpad L560 Firmware | < 1.62 | - | Affected |
| in Lenovo | Thinkpad L560 | - | - | Safe |
| Lenovo | Thinkpad P50 Firmware | < 1.71 | - | Affected |
| in Lenovo | Thinkpad P50 | - | - | Safe |
| Lenovo | Thinkpad P50s Firmware | < 1.45 | - | Affected |
| in Lenovo | Thinkpad P50s | - | - | Safe |
| Lenovo | Thinkpad P70 Firmware | < 2.45 | - | Affected |
| in Lenovo | Thinkpad P70 | - | - | Safe |
| Lenovo | Thinkpad T470 Firmware | < 1.73 | - | Affected |
| in Lenovo | Thinkpad T470 | - | - | Safe |
| Lenovo | Thinkpad T470s Firmware | < 1.49 | - | Affected |
| in Lenovo | Thinkpad T470s | - | - | Safe |
| Lenovo | Thinkpad T560 Firmware | < 1.45 | - | Affected |
| in Lenovo | Thinkpad T560 | - | - | Safe |
| Lenovo | Thinkpad X1 Carbon 4th Gen Firmware | < 1.56 | - | Affected |
| in Lenovo | Thinkpad X1 Carbon 4th Gen | - | - | Safe |
| Lenovo | Thinkpad X1 Yoga 1st Gen Firmware | < 1.56 | - | Affected |
| in Lenovo | Thinkpad X1 Yoga 1st Gen | - | - | Safe |
| Lenovo | Thinkpad X260 Firmware | < 1.50 | - | Affected |
| in Lenovo | Thinkpad X260 | - | - | Safe |
| Lenovo | Thinkpad X270 Firmware | < 1.47 | - | Affected |
| in Lenovo | Thinkpad X270 | - | - | Safe |
| Lenovo | Thinkpad Yoga 260 Firmware | < 1.88 | - | Affected |
| in Lenovo | Thinkpad Yoga 260 | - | - | Safe |