CVE-2022-48189

EPSS 0.03%
Published 30.10.2023 15:15:39
Last modified 21.11.2024 07:32:56
Source psirt@lenovo.com
Teams watchlist Login
Open Login

An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ Thinkpad E14 Firmware Version < 1.23

Lenovo ≫ Thinkpad E14 Version-

Lenovo ≫ Thinkpad E14 Gen 2 Firmware Version < 1.55

Lenovo ≫ Thinkpad E14 Gen 2 Version-

Lenovo ≫ Thinkpad E14 Gen 4 Firmware Version < 1.18

Lenovo ≫ Thinkpad E14 Gen 4 Version-

Lenovo ≫ Thinkpad E14 Gen 4 Firmware Version < 1.16

Lenovo ≫ Thinkpad E14 Gen 4 Version-

Lenovo ≫ Thinkpad E15 Firmware Version < 1.23

Lenovo ≫ Thinkpad E15 Version-

Lenovo ≫ Thinkpad E15 Gen 2 Firmware Version < 1.55

Lenovo ≫ Thinkpad E15 Gen 2 Version-

Lenovo ≫ Thinkpad E15 Gen 4 Firmware Version < 1.18

Lenovo ≫ Thinkpad E15 Gen 4 Version-

Lenovo ≫ Thinkpad E15 Gen 4 Firmware Version < 1.16

Lenovo ≫ Thinkpad E15 Gen 4 Version-

Lenovo ≫ Thinkpad E490 Firmware Version < 1.34

Lenovo ≫ Thinkpad E490 Version-

Lenovo ≫ Thinkpad E490s Firmware Version < 1.34

Lenovo ≫ Thinkpad E490s Version-

Lenovo ≫ Thinkpad E590 Firmware Version < 1.34

Lenovo ≫ Thinkpad E590 Version-

Lenovo ≫ Thinkpad L13 Gen 3 Firmware Version < 1.14

Lenovo ≫ Thinkpad L13 Gen 3 Version-

Lenovo ≫ Thinkpad L13 Yoga Gen 3 Firmware Version < 1.14

Lenovo ≫ Thinkpad L13 Yoga Gen 3 Version-

Lenovo ≫ Thinkpad L14 Firmware Version < 1.2

Lenovo ≫ Thinkpad L14 Version-

Lenovo ≫ Thinkpad L14 Firmware Version < 1.3

Lenovo ≫ Thinkpad L14 Version-

Lenovo ≫ Thinkpad L14 Firmware Version-

Lenovo ≫ Thinkpad L14 Version-

Lenovo ≫ Thinkpad L14 Firmware Version < 1.26

Lenovo ≫ Thinkpad L14 Version-

Lenovo ≫ Thinkpad L15 Firmware Version < 1.2

Lenovo ≫ Thinkpad L15 Version-

Lenovo ≫ Thinkpad L15 Firmware Version < 1.3

Lenovo ≫ Thinkpad L15 Version-

Lenovo ≫ Thinkpad L15 Gen 2 Firmware Version-

Lenovo ≫ Thinkpad L15 Gen 2 Version-

Lenovo ≫ Thinkpad L15 Gen 3 Firmware Version < 1.26

Lenovo ≫ Thinkpad L15 Gen 3 Version-

Lenovo ≫ Thinkpad L490 Firmware Version < 1.32

Lenovo ≫ Thinkpad L490 Version-

Lenovo ≫ Thinkpad L590 Firmware Version < 1.32

Lenovo ≫ Thinkpad L590 Version-

Lenovo ≫ Thinkpad P1 Gen 2 Firmware Version < 1.46

Lenovo ≫ Thinkpad P1 Gen 2 Version-

Lenovo ≫ Thinkpad P1 Gen 3 Firmware Version < 1.27

Lenovo ≫ Thinkpad P1 Gen 3 Version-

Lenovo ≫ Thinkpad P1 Gen 4 Firmware Version < 1.22

Lenovo ≫ Thinkpad P1 Gen 4 Version-

Lenovo ≫ Thinkpad P1 Gen 5 Firmware Version < 1.16

Lenovo ≫ Thinkpad P1 Gen 5 Version-

Lenovo ≫ Thinkpad P14s Gen 1 Firmware Version < 1.28

Lenovo ≫ Thinkpad P14s Gen 1 Version-

Lenovo ≫ Thinkpad P14s Gen 2 Firmware Version-

Lenovo ≫ Thinkpad P14s Gen 2 Version-

Lenovo ≫ Thinkpad P14s Gen 2 Firmware Version < 1.34

Lenovo ≫ Thinkpad P14s Gen 2 Version-

Lenovo ≫ Thinkpad P14s Gen 3 Firmware Version-

Lenovo ≫ Thinkpad P14s Gen 3 Version-

Lenovo ≫ Thinkpad P15 Gen 1 Firmware Version < 1.32

Lenovo ≫ Thinkpad P15 Gen 1 Version-

Lenovo ≫ Thinkpad P15 Gen 2 Firmware Version < 1.25

Lenovo ≫ Thinkpad P15 Gen 2 Version-

Lenovo ≫ Thinkpad P15s Gen 1 Firmware Version < 1.28

Lenovo ≫ Thinkpad P15s Gen 1 Version-

Lenovo ≫ Thinkpad P15s Gen 2 Firmware Version-

Lenovo ≫ Thinkpad P15s Gen 2 Version-

Lenovo ≫ Thinkpad P15v Gen 1 Firmware Version < 1.32

Lenovo ≫ Thinkpad P15v Gen 1 Version-

Lenovo ≫ Thinkpad P15v Gen 2 Firmware Version < 1.19

Lenovo ≫ Thinkpad P15v Gen 2 Version-

Lenovo ≫ Thinkpad P15v Gen 3 Firmware Version < 1.15

Lenovo ≫ Thinkpad P15v Gen 3 Version-

Lenovo ≫ Thinkpad P16 Gen 1 Firmware Version < 1.17

Lenovo ≫ Thinkpad P16 Gen 1 Version-

Lenovo ≫ Thinkpad P16s Gen 1 Firmware Version-

Lenovo ≫ Thinkpad P16s Gen 1 Version-

Lenovo ≫ Thinkpad P17 Gen 1 Firmware Version < 1.32

Lenovo ≫ Thinkpad P17 Gen 1 Version-

Lenovo ≫ Thinkpad P17 Gen 2 Firmware Version < 1.25

Lenovo ≫ Thinkpad P17 Gen 2 Version-

Lenovo ≫ Thinkpad P43s Firmware Version-

Lenovo ≫ Thinkpad P43s Version-

Lenovo ≫ Thinkpad P53 Firmware Version < 1.4

Lenovo ≫ Thinkpad P53 Version-

Lenovo ≫ Thinkpad P53s Firmware Version-

Lenovo ≫ Thinkpad P53s Version-

Lenovo ≫ Thinkpad P73 Firmware Version < 1.4

Lenovo ≫ Thinkpad P73 Version-

Lenovo ≫ Thinkpad T14 Gen 1 Firmware Version < 1.28

Lenovo ≫ Thinkpad T14 Gen 1 Version-

Lenovo ≫ Thinkpad T14 Gen 1 Firmware Version < 1.28

Lenovo ≫ Thinkpad T14 Gen 1 Version-

Lenovo ≫ Thinkpad T14 Gen 2 Firmware Version-

Lenovo ≫ Thinkpad T14 Gen 2 Version-

Lenovo ≫ Thinkpad T14 Gen 2 Firmware Version < 1.34

Lenovo ≫ Thinkpad T14 Gen 2 Version-

Lenovo ≫ Thinkpad T14 Gen 3 Firmware Version-

Lenovo ≫ Thinkpad T14 Gen 3 Version-

Lenovo ≫ Thinkpad T14s Firmware Version < 1.26

Lenovo ≫ Thinkpad T14s Version-

Lenovo ≫ Thinkpad T14s Gen 2 Firmware Version < 1.51

Lenovo ≫ Thinkpad T14s Gen 2 Version-

Lenovo ≫ Thinkpad T14s Gen 2 Firmware Version < 1.37

Lenovo ≫ Thinkpad T14s Gen 2 Version-

Lenovo ≫ Thinkpad T14s Gen 3 Firmware Version < 1.33

Lenovo ≫ Thinkpad T14s Gen 3 Version-

Lenovo ≫ Thinkpad T15 Firmware Version < 1.28

Lenovo ≫ Thinkpad T15 Version-

Lenovo ≫ Thinkpad T15 Gen 2 Firmware Version-

Lenovo ≫ Thinkpad T15 Gen 2 Version-

Lenovo ≫ Thinkpad T15g Gen 1 Firmware Version < 1.32

Lenovo ≫ Thinkpad T15g Gen 1 Version-

Lenovo ≫ Thinkpad T15g Gen 2 Firmware Version < 1.25

Lenovo ≫ Thinkpad T15g Gen 2 Version-

Lenovo ≫ Thinkpad T15p Gen 1 Firmware Version < 1.32

Lenovo ≫ Thinkpad T15p Gen 1 Version-

Lenovo ≫ Thinkpad T15p Gen 2 Firmware Version < 1.19

Lenovo ≫ Thinkpad T15p Gen 2 Version-

Lenovo ≫ Thinkpad T15p Gen 3 Firmware Version < 1.15

Lenovo ≫ Thinkpad T15p Gen 3 Version-

Lenovo ≫ Thinkpad T16 Gen 1 Firmware Version-

Lenovo ≫ Thinkpad T16 Gen 1 Version-

Lenovo ≫ Thinkpad T490 Firmware Version-

Lenovo ≫ Thinkpad T490 Version-

Lenovo ≫ Thinkpad T490 Firmware Version-

Lenovo ≫ Thinkpad T490 Version-

Lenovo ≫ Thinkpad T490 Firmware Version-

Lenovo ≫ Thinkpad T490 Version-

Lenovo ≫ Thinkpad T490s Firmware Version-

Lenovo ≫ Thinkpad T490s Version-

Lenovo ≫ Thinkpad T590 Firmware Version-

Lenovo ≫ Thinkpad T590 Version-

Lenovo ≫ Thinkpad Thinkpad R14 Gen 2 Firmware Version < 1.55

Lenovo ≫ Thinkpad Thinkpad R14 Gen 2 Version-

Lenovo ≫ Thinkpad Thinkpad R14 Gen 4 Firmware Version < 1.18

Lenovo ≫ Thinkpad Thinkpad R14 Gen 4 Version-

Lenovo ≫ Thinkpad Thinkpad S3 2nd Gen Firmware Version < 1.23

Lenovo ≫ Thinkpad Thinkpad S3 2nd Gen Version-

Lenovo ≫ Thinkpad X1 Carbon 10th Gen Firmware Version < 1.37

Lenovo ≫ Thinkpad X1 Carbon 10th Gen Version-

Lenovo ≫ Thinkpad X1 Carbon 7th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Carbon 7th Gen Version-

Lenovo ≫ Thinkpad X1 Carbon 7th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Carbon 7th Gen Version-

Lenovo ≫ Thinkpad X1 Carbon 8th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Carbon 8th Gen Version-

Lenovo ≫ Thinkpad X1 Carbon 9th Gen Firmware Version < 1.59

Lenovo ≫ Thinkpad X1 Carbon 9th Gen Version-

Lenovo ≫ Thinkpad X1 Extreme 2nd Gen Firmware Version < 1.46

Lenovo ≫ Thinkpad X1 Extreme 2nd Gen Version-

Lenovo ≫ Thinkpad X1 Extreme 3rd Gen Firmware Version < 1.27

Lenovo ≫ Thinkpad X1 Extreme 3rd Gen Version-

Lenovo ≫ Thinkpad X1 Extreme 4th Gen Firmware Version < 1.22

Lenovo ≫ Thinkpad X1 Extreme 4th Gen Version-

Lenovo ≫ Thinkpad X1 Extreme Gen 5 Firmware Version < 1.16

Lenovo ≫ Thinkpad X1 Extreme Gen 5 Version-

Lenovo ≫ Thinkpad X1 Nano Gen 1 Firmware Version < 1.55

Lenovo ≫ Thinkpad X1 Nano Gen 1 Version-

Lenovo ≫ Thinkpad X1 Nano Gen 2 Firmware Version < 1.18

Lenovo ≫ Thinkpad X1 Nano Gen 2 Version-

Lenovo ≫ Thinkpad X1 Titanium Firmware Version < 1.24

Lenovo ≫ Thinkpad X1 Titanium Version-

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Version-

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Yoga 4th Gen Version-

Lenovo ≫ Thinkpad X1 Yoga 5th Gen Firmware Version-

Lenovo ≫ Thinkpad X1 Yoga 5th Gen Version-

Lenovo ≫ Thinkpad X1 Yoga 6th Gen Firmware Version < 1.59

Lenovo ≫ Thinkpad X1 Yoga 6th Gen Version-

Lenovo ≫ Thinkpad X1 Yoga 7th Gen Firmware Version < 1.37

Lenovo ≫ Thinkpad X1 Yoga 7th Gen Version-

Lenovo ≫ Thinkpad X12 Detachable Gen 1 Firmware Version < 1.28

Lenovo ≫ Thinkpad X12 Detachable Gen 1 Version-

Lenovo ≫ Thinkpad X13 Firmware Version < 1.26

Lenovo ≫ Thinkpad X13 Version-

Lenovo ≫ Thinkpad X13 Gen 2 Firmware Version < 1.51

Lenovo ≫ Thinkpad X13 Gen 2 Version-

Lenovo ≫ Thinkpad X13 Gen 2 Firmware Version < 1.37

Lenovo ≫ Thinkpad X13 Gen 2 Version-

Lenovo ≫ Thinkpad X13 Gen 3 Firmware Version < 1.33

Lenovo ≫ Thinkpad X13 Gen 3 Version-

Lenovo ≫ Thinkpad X13 Yoga Gen 1 Firmware Version < 1.45

Lenovo ≫ Thinkpad X13 Yoga Gen 1 Version-

Lenovo ≫ Thinkpad X13 Yoga Gen 2 Firmware Version < 1.4

Lenovo ≫ Thinkpad X13 Yoga Gen 2 Version-

Lenovo ≫ Thinkpad X13 Yoga Gen 3 Firmware Version < 1.09

Lenovo ≫ Thinkpad X13 Yoga Gen 3 Version-

Lenovo ≫ Thinkpad X390 Firmware Version-

Lenovo ≫ Thinkpad X390 Version-

Lenovo ≫ Thinkpad X390 Firmware Version-

Lenovo ≫ Thinkpad X390 Version-

Lenovo ≫ Thinkpad X390 Yoga Firmware Version < 1.95

Lenovo ≫ Thinkpad X390 Yoga Version-

Lenovo ≫ Thinkpad Z13 Gen 1 Firmware Version < 1.57

Lenovo ≫ Thinkpad Z13 Gen 1 Version-

Lenovo ≫ Thinkpad Z16 Gen 1 Firmware Version < 1.57

Lenovo ≫ Thinkpad Z16 Gen 1 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.057

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
psirt@lenovo.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://support.lenovo.com/us/en/product_security/LEN-106014

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-48189

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48189

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48189

EUVD