Lenovo Desktop and ThinkStation models buffer overflow | CVE-2022-48188
NAME
__________
Lenovo Desktop and ThinkStation models buffer overflow
Platforms Affected:
Lenovo IdeaCentre AIO 3 21ITL7
Lenovo IdeaCentre AIO 3-22ITL6
Lenovo IdeaCentre AIO 3-24ITL6
Lenovo 510S-07ICB Desktop (ideacentre)
Lenovo 510S-07ICK Desktop (ideacentre)
Lenovo P330 Tiny Workstation (ThinkStation)
Risk Level:
7.8
Exploitability:
Unproven
Consequences:
Gain Access
DESCRIPTION
__________
Lenovo Desktop and ThinkStation models is vulnerable to a buffer overflow, caused by improper bounds checking by the SecureBootDXE BIOS driver. By sending a specially cafted request, a local authenticated attacker could overflow a buffer and elevate their privileges to execute arbitrary code.
CVSS 3.0 Information
__________
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Access Vector:
Local
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
