CVE-2022-48188
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.
*Credits:
Lenovo thanks River Li and Fangtao Cao for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-12-29 CVE Reserved
- 2023-06-05 CVE Published
- 2023-06-14 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-124495 | 2023-06-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3 21itl7 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7 Firmware" | < o5akt33 Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7 Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3 21itl7 Search vendor "Lenovo" for product "Ideacentre Aio 3 21itl7" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6 Firmware" | < o5akt33 Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6 Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6 Firmware" | < o5akt33 Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6 Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-27itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6 Firmware" | < o5akt33 Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6 Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-27itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M720e Firmware Search vendor "Lenovo" for product "Thinkcentre M720e Firmware" | < m1zkt40a Search vendor "Lenovo" for product "Thinkcentre M720e Firmware" and version " < m1zkt40a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M720e Search vendor "Lenovo" for product "Thinkcentre M720e" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M720q Firmware Search vendor "Lenovo" for product "Thinkcentre M720q Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M720q Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M720q Search vendor "Lenovo" for product "Thinkcentre M720q" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M720s Firmware Search vendor "Lenovo" for product "Thinkcentre M720s Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M720s Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M720s Search vendor "Lenovo" for product "Thinkcentre M720s" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M720t Firmware Search vendor "Lenovo" for product "Thinkcentre M720t Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M720t Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M720t Search vendor "Lenovo" for product "Thinkcentre M720t" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M725s Firmware Search vendor "Lenovo" for product "Thinkcentre M725s Firmware" | < m25kt63a Search vendor "Lenovo" for product "Thinkcentre M725s Firmware" and version " < m25kt63a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M725s Search vendor "Lenovo" for product "Thinkcentre M725s" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M75s Gen 2 Firmware Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" | < m46kt30a Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" and version " < m46kt30a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M75s Gen 2 Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M75s Gen 2 Firmware Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" | < m3bkt30a Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2 Firmware" and version " < m3bkt30a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M75s Gen 2 Search vendor "Lenovo" for product "Thinkcentre M75s Gen 2" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M75t Gen 2 Firmware Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" | < m46kt30a Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" and version " < m46kt30a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M75t Gen 2 Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M75t Gen 2 Firmware Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" | < m3akt4ca Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2 Firmware" and version " < m3akt4ca" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M75t Gen 2 Search vendor "Lenovo" for product "Thinkcentre M75t Gen 2" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M920q Firmware Search vendor "Lenovo" for product "Thinkcentre M920q Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M920q Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M920q Search vendor "Lenovo" for product "Thinkcentre M920q" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M920s Firmware Search vendor "Lenovo" for product "Thinkcentre M920s Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M920s Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M920s Search vendor "Lenovo" for product "Thinkcentre M920s" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M920t Firmware Search vendor "Lenovo" for product "Thinkcentre M920t Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M920t Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M920t Search vendor "Lenovo" for product "Thinkcentre M920t" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M920x Firmware Search vendor "Lenovo" for product "Thinkcentre M920x Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkcentre M920x Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M920x Search vendor "Lenovo" for product "Thinkcentre M920x" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M920z Firmware Search vendor "Lenovo" for product "Thinkcentre M920z Firmware" | < m1mkt55a Search vendor "Lenovo" for product "Thinkcentre M920z Firmware" and version " < m1mkt55a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M920z Search vendor "Lenovo" for product "Thinkcentre M920z" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 510s-07icb Firmware Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" | < m22kt48a Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" and version " < m22kt48a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 510s-07icb Search vendor "Lenovo" for product "Ideacentre 510s-07icb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 510s-07icb Firmware Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" | < m22kt49a Search vendor "Lenovo" for product "Ideacentre 510s-07icb Firmware" and version " < m22kt49a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 510s-07icb Search vendor "Lenovo" for product "Ideacentre 510s-07icb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 510s-07ick Firmware Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" | < m30kt28a Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" and version " < m30kt28a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 510s-07ick Search vendor "Lenovo" for product "Ideacentre 510s-07ick" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 510s-07ick Firmware Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" | < m1zkt40a Search vendor "Lenovo" for product "Ideacentre 510s-07ick Firmware" and version " < m1zkt40a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 510s-07ick Search vendor "Lenovo" for product "Ideacentre 510s-07ick" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 720-18apr Firmware Search vendor "Lenovo" for product "Ideacentre 720-18apr Firmware" | < m25kt63a Search vendor "Lenovo" for product "Ideacentre 720-18apr Firmware" and version " < m25kt63a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 720-18apr Search vendor "Lenovo" for product "Ideacentre 720-18apr" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V30a-22itl Firmware Search vendor "Lenovo" for product "V30a-22itl Firmware" | < o5akt33 Search vendor "Lenovo" for product "V30a-22itl Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V30a-22itl Search vendor "Lenovo" for product "V30a-22itl" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V30a-24itl Firmware Search vendor "Lenovo" for product "V30a-24itl Firmware" | < o5akt33 Search vendor "Lenovo" for product "V30a-24itl Firmware" and version " < o5akt33" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V30a-24itl Search vendor "Lenovo" for product "V30a-24itl" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V530s-07icb Firmware Search vendor "Lenovo" for product "V530s-07icb Firmware" | < m22kt49a Search vendor "Lenovo" for product "V530s-07icb Firmware" and version " < m22kt49a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V530s-07icb Search vendor "Lenovo" for product "V530s-07icb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V530s-07icr Firmware Search vendor "Lenovo" for product "V530s-07icr Firmware" | < m1zkt40a Search vendor "Lenovo" for product "V530s-07icr Firmware" and version " < m1zkt40a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V530s-07icr Search vendor "Lenovo" for product "V530s-07icr" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P330 Tiny Firmware Search vendor "Lenovo" for product "Thinkstation P330 Tiny Firmware" | < m1ukt70a Search vendor "Lenovo" for product "Thinkstation P330 Tiny Firmware" and version " < m1ukt70a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P330 Tiny Search vendor "Lenovo" for product "Thinkstation P330 Tiny" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P360 Ultra Firmware Search vendor "Lenovo" for product "Thinkstation P360 Ultra Firmware" | < s0fkt27a Search vendor "Lenovo" for product "Thinkstation P360 Ultra Firmware" and version " < s0fkt27a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P360 Ultra Search vendor "Lenovo" for product "Thinkstation P360 Ultra" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P520 Firmware Search vendor "Lenovo" for product "Thinkstation P520 Firmware" | < s03kt58a Search vendor "Lenovo" for product "Thinkstation P520 Firmware" and version " < s03kt58a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P520 Search vendor "Lenovo" for product "Thinkstation P520" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P520c Firmware Search vendor "Lenovo" for product "Thinkstation P520c Firmware" | < s03kt58a Search vendor "Lenovo" for product "Thinkstation P520c Firmware" and version " < s03kt58a" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P520c Search vendor "Lenovo" for product "Thinkstation P520c" | - | - |
Safe
|