// For flags

CVE-2022-48188

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

*Credits: Lenovo thanks River Li and Fangtao Cao for reporting this issue.
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-12-29 CVE Reserved
  • 2023-06-05 CVE Published
  • 2023-06-14 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3 21itl7 Firmware
Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7 Firmware"
< o5akt33
Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7 Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3 21itl7
Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-22itl6 Firmware
Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6 Firmware"
< o5akt33
Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6 Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-22itl6
Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-24itl6 Firmware
Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6 Firmware"
< o5akt33
Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6 Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-24itl6
Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-27itl6 Firmware
Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6 Firmware"
< o5akt33
Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6 Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre Aio 3-27itl6
Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M720e Firmware
Search vendor "Lenovo" for product "Thinkcentre M720e Firmware"
< m1zkt40a
Search vendor "Lenovo" for product "Thinkcentre M720e Firmware" and version " < m1zkt40a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M720e
Search vendor "Lenovo" for product "Thinkcentre M720e"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M720q Firmware
Search vendor "Lenovo" for product "Thinkcentre M720q Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M720q Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M720q
Search vendor "Lenovo" for product "Thinkcentre M720q"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M720s Firmware
Search vendor "Lenovo" for product "Thinkcentre M720s Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M720s Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M720s
Search vendor "Lenovo" for product "Thinkcentre M720s"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M720t Firmware
Search vendor "Lenovo" for product "Thinkcentre M720t Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M720t Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M720t
Search vendor "Lenovo" for product "Thinkcentre M720t"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M725s Firmware
Search vendor "Lenovo" for product "Thinkcentre M725s Firmware"
< m25kt63a
Search vendor "Lenovo" for product "Thinkcentre M725s Firmware" and version " < m25kt63a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M725s
Search vendor "Lenovo" for product "Thinkcentre M725s"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M75s Gen 2 Firmware
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware"
< m46kt30a
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" and version " < m46kt30a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M75s Gen 2
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M75s Gen 2 Firmware
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware"
< m3bkt30a
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" and version " < m3bkt30a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M75s Gen 2
Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M75t Gen 2 Firmware
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware"
< m46kt30a
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" and version " < m46kt30a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M75t Gen 2
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M75t Gen 2 Firmware
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware"
< m3akt4ca
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" and version " < m3akt4ca"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M75t Gen 2
Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M920q Firmware
Search vendor "Lenovo" for product "Thinkcentre M920q Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M920q Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M920q
Search vendor "Lenovo" for product "Thinkcentre M920q"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M920s Firmware
Search vendor "Lenovo" for product "Thinkcentre M920s Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M920s Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M920s
Search vendor "Lenovo" for product "Thinkcentre M920s"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M920t Firmware
Search vendor "Lenovo" for product "Thinkcentre M920t Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M920t Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M920t
Search vendor "Lenovo" for product "Thinkcentre M920t"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M920x Firmware
Search vendor "Lenovo" for product "Thinkcentre M920x Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkcentre M920x Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M920x
Search vendor "Lenovo" for product "Thinkcentre M920x"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkcentre M920z Firmware
Search vendor "Lenovo" for product "Thinkcentre M920z Firmware"
< m1mkt55a
Search vendor "Lenovo" for product "Thinkcentre M920z Firmware" and version " < m1mkt55a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkcentre M920z
Search vendor "Lenovo" for product "Thinkcentre M920z"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07icb Firmware
Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware"
< m22kt48a
Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" and version " < m22kt48a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07icb
Search vendor "Lenovo" for product "Ideacentre 510s-07icb"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07icb Firmware
Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware"
< m22kt49a
Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" and version " < m22kt49a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07icb
Search vendor "Lenovo" for product "Ideacentre 510s-07icb"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07ick Firmware
Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware"
< m30kt28a
Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" and version " < m30kt28a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07ick
Search vendor "Lenovo" for product "Ideacentre 510s-07ick"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07ick Firmware
Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware"
< m1zkt40a
Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" and version " < m1zkt40a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre 510s-07ick
Search vendor "Lenovo" for product "Ideacentre 510s-07ick"
--
Safe
Lenovo
Search vendor "Lenovo"
Ideacentre 720-18apr Firmware
Search vendor "Lenovo" for product "Ideacentre 720-18apr Firmware"
< m25kt63a
Search vendor "Lenovo" for product "Ideacentre 720-18apr Firmware" and version " < m25kt63a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Ideacentre 720-18apr
Search vendor "Lenovo" for product "Ideacentre 720-18apr"
--
Safe
Lenovo
Search vendor "Lenovo"
V30a-22itl Firmware
Search vendor "Lenovo" for product "V30a-22itl Firmware"
< o5akt33
Search vendor "Lenovo" for product "V30a-22itl Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
V30a-22itl
Search vendor "Lenovo" for product "V30a-22itl"
--
Safe
Lenovo
Search vendor "Lenovo"
V30a-24itl Firmware
Search vendor "Lenovo" for product "V30a-24itl Firmware"
< o5akt33
Search vendor "Lenovo" for product "V30a-24itl Firmware" and version " < o5akt33"
-
Affected
in Lenovo
Search vendor "Lenovo"
V30a-24itl
Search vendor "Lenovo" for product "V30a-24itl"
--
Safe
Lenovo
Search vendor "Lenovo"
V530s-07icb Firmware
Search vendor "Lenovo" for product "V530s-07icb Firmware"
< m22kt49a
Search vendor "Lenovo" for product "V530s-07icb Firmware" and version " < m22kt49a"
-
Affected
in Lenovo
Search vendor "Lenovo"
V530s-07icb
Search vendor "Lenovo" for product "V530s-07icb"
--
Safe
Lenovo
Search vendor "Lenovo"
V530s-07icr Firmware
Search vendor "Lenovo" for product "V530s-07icr Firmware"
< m1zkt40a
Search vendor "Lenovo" for product "V530s-07icr Firmware" and version " < m1zkt40a"
-
Affected
in Lenovo
Search vendor "Lenovo"
V530s-07icr
Search vendor "Lenovo" for product "V530s-07icr"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkstation P330 Tiny Firmware
Search vendor "Lenovo" for product "Thinkstation P330 Tiny Firmware"
< m1ukt70a
Search vendor "Lenovo" for product "Thinkstation P330 Tiny Firmware" and version " < m1ukt70a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkstation P330 Tiny
Search vendor "Lenovo" for product "Thinkstation P330 Tiny"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkstation P360 Ultra Firmware
Search vendor "Lenovo" for product "Thinkstation P360 Ultra Firmware"
< s0fkt27a
Search vendor "Lenovo" for product "Thinkstation P360 Ultra Firmware" and version " < s0fkt27a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkstation P360 Ultra
Search vendor "Lenovo" for product "Thinkstation P360 Ultra"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkstation P520 Firmware
Search vendor "Lenovo" for product "Thinkstation P520 Firmware"
< s03kt58a
Search vendor "Lenovo" for product "Thinkstation P520 Firmware" and version " < s03kt58a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkstation P520
Search vendor "Lenovo" for product "Thinkstation P520"
--
Safe
Lenovo
Search vendor "Lenovo"
Thinkstation P520c Firmware
Search vendor "Lenovo" for product "Thinkstation P520c Firmware"
< s03kt58a
Search vendor "Lenovo" for product "Thinkstation P520c Firmware" and version " < s03kt58a"
-
Affected
in Lenovo
Search vendor "Lenovo"
Thinkstation P520c
Search vendor "Lenovo" for product "Thinkstation P520c"
--
Safe