CVE-2023-43568

EPSS 0.07%
Veröffentlicht 08.11.2023 22:15:09
Zuletzt bearbeitet 21.11.2024 08:24:22
Quelle psirt@lenovo.com
Teams Watchlist Login
Unerledigt Login

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lenovo ≫ Ideacentre C5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre C5-14imb05 Version-

Lenovo ≫ Ideacentre 3-07ada05 Firmware Version < o4fkt39a

Lenovo ≫ Ideacentre 3-07ada05 Version-

Lenovo ≫ Ideacentre 3-07imb05 Firmware Version < m2vkt21a

Lenovo ≫ Ideacentre 3-07imb05 Version-

Lenovo ≫ Ideacentre 5 14iab7 Firmware Version < m42kt46a

Lenovo ≫ Ideacentre 5 14iab7 Version-

Lenovo ≫ Ideacentre 5 14irb8 Firmware Version < m4ukt36a

Lenovo ≫ Ideacentre 5 14irb8 Version-

Lenovo ≫ Ideacentre 5-14acn6 Firmware Version-

Lenovo ≫ Ideacentre 5-14acn6 Version-

Lenovo ≫ Ideacentre T540-15ama G Firmware Version-

Lenovo ≫ Ideacentre T540-15ama G Version-

Lenovo ≫ Thinkcentre Neo 70t Gen 3 Firmware Version < m40kt45a

Lenovo ≫ Thinkcentre Neo 70t Gen 3 Version-

Lenovo ≫ Thinkcentre Neo 50t Gen 3 Firmware Version < m42kt46a

Lenovo ≫ Thinkcentre Neo 50t Gen 3 Version-

Lenovo ≫ Thinkcentre Neo 50a 24 Gen 4 Firmware Version < o5xkt18a

Lenovo ≫ Thinkcentre Neo 50a 24 Gen 4 Version-

Lenovo ≫ Thinkcentre Neo 50a 24 Gen 3 Firmware Version < o5rkt41a

Lenovo ≫ Thinkcentre Neo 50a 24 Gen 3 Version-

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 4 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 4 Version-

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 4 Firmware Versiono5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 4 Version-

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 3 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 27 Gen 3 Version-

Lenovo ≫ Thinkcentre Neo 30a 24 Gen 4 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 24 Gen 4 Version-

Lenovo ≫ Thinkcentre Neo 30a 24 Gen 3 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 24 Gen 3 Version-

Lenovo ≫ Thinkcentre Neo 30a 22 Gen 4 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 22 Gen 4 Version-

Lenovo ≫ Thinkcentre Neo 30a 22 Gen 3 Firmware Version < o5nkt33a

Lenovo ≫ Thinkcentre Neo 30a 22 Gen 3 Version-

Lenovo ≫ Thinkcentre M920z All-in-one Firmware Version < m1mkt56a

Lenovo ≫ Thinkcentre M920z All-in-one Version-

Lenovo ≫ Thinkcentre M90t Gen 3 Firmware Version < m40kt45a

Lenovo ≫ Thinkcentre M90t Gen 3 Version-

Lenovo ≫ Thinkcentre M90t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M90t Version-

Lenovo ≫ Thinkcentre M90s Gen 3 Firmware Version < m40kt45a

Lenovo ≫ Thinkcentre M90s Gen 3 Version-

Lenovo ≫ Thinkcentre M90s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M90s Version-

Lenovo ≫ Thinkcentre M90q Tiny Firmware Version-

Lenovo ≫ Thinkcentre M90q Tiny Version-

Lenovo ≫ Thinkcentre M90q Gen 3 Firmware Version-

Lenovo ≫ Thinkcentre M90q Gen 3 Version-

Lenovo ≫ Thinkcentre M90q Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M90q Gen 2 Version-

Lenovo ≫ Thinkcentre M90a Pro Gen 3 Firmware Version < m4hkt1da

Lenovo ≫ Thinkcentre M90a Pro Gen 3 Version-

Lenovo ≫ Thinkcentre M90a Gen 3 Firmware Version < m4ikt1da

Lenovo ≫ Thinkcentre M90a Gen 3 Version-

Lenovo ≫ Thinkcentre M90a Gen 2 Firmware Version < m3lkt2aa

Lenovo ≫ Thinkcentre M90a Gen 2 Version-

Lenovo ≫ Thinkcentre M90a Firmware Version < m2rkt57a

Lenovo ≫ Thinkcentre M90a Version-

Lenovo ≫ Thinkcentre M80t Gen 3 Firmware Version < m40kt45a

Lenovo ≫ Thinkcentre M80t Gen 3 Version-

Lenovo ≫ Thinkcentre M80t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M80t Version-

Lenovo ≫ Thinkcentre M80s Gen 3 Firmware Version < m40kt45a

Lenovo ≫ Thinkcentre M80s Gen 3 Version-

Lenovo ≫ Thinkcentre M80s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M80s Version-

Lenovo ≫ Thinkcentre M80q Gen 3 Firmware Version-

Lenovo ≫ Thinkcentre M80q Gen 3 Version-

Lenovo ≫ Thinkcentre M80q Firmware Version-

Lenovo ≫ Thinkcentre M80q Version-

Lenovo ≫ Thinkcentre M75t Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M75t Gen 2 Version-

Lenovo ≫ Thinkcentre M75s Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M75s Gen 2 Version-

Lenovo ≫ Thinkcentre M75q Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M75q Gen 2 Version-

Lenovo ≫ Thinkcentre M75n Firmware Version < m33kt29a

Lenovo ≫ Thinkcentre M75n Version-

Lenovo ≫ Thinkcentre M70t Gen 3 Firmware Version < m41kt45a

Lenovo ≫ Thinkcentre M70t Gen 3 Version-

Lenovo ≫ Thinkcentre M70t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M70t Version-

Lenovo ≫ Thinkcentre M70s Gen 3 Firmware Version < m41kt45a

Lenovo ≫ Thinkcentre M70s Gen 3 Version-

Lenovo ≫ Thinkcentre M70s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M70s Version-

Lenovo ≫ Thinkcentre M70q Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M70q Gen 2 Version-

Lenovo ≫ Thinkcentre M70q Firmware Version-

Lenovo ≫ Thinkcentre M70q Version-

Lenovo ≫ Thinkcentre M70c Firmware Version < m2vkt21a

Lenovo ≫ Thinkcentre M70c Version-

Lenovo ≫ Thinkcentre M70a Gen 3 Firmware Version-

Lenovo ≫ Thinkcentre M70a Gen 3 Version-

Lenovo ≫ Thinkcentre M630e Firmware Version < m28kt42a

Lenovo ≫ Thinkcentre M630e Version-

Lenovo ≫ Thinkcentre M625q Firmware Version-

Lenovo ≫ Thinkcentre M625q Version-

Lenovo ≫ Loq 17irb8 Firmware Version < m4ukt36a

Lenovo ≫ Loq 17irb8 Version-

Lenovo ≫ Legion T5 26iab7 Firmware Version < o5lkt2ba

Lenovo ≫ Legion T5 26iab7 Version-

Lenovo ≫ Legion T7-34imz5 Firmware Version < o5fkt17a

Lenovo ≫ Legion T7-34imz5 Version-

Lenovo ≫ Legion T7-34iaz7 Firmware Version < o5hkt2ca

Lenovo ≫ Legion T7-34iaz7 Version-

Lenovo ≫ Legion T7 34irz8 Firmware Version < o5ukt1fa

Lenovo ≫ Legion T7 34irz8 Version-

Lenovo ≫ Legion T5 26irb8 Firmware Version < o5tkt1ca

Lenovo ≫ Legion T5 26irb8 Version-

Lenovo ≫ Ideacentre Mini 5-01imh05 Firmware Version-

Lenovo ≫ Ideacentre Mini 5-01imh05 Version-

Lenovo ≫ Ideacentre Mini 5 01iaq7 Firmware Version < o53kt10a

Lenovo ≫ Ideacentre Mini 5 01iaq7 Version-

Lenovo ≫ Ideacentre Gaming 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre Gaming 5-14iob6 Version-

Lenovo ≫ Ideacentre Gaming 5-14acn6 Firmware Version-

Lenovo ≫ Ideacentre Gaming 5-14acn6 Version-

Lenovo ≫ Ideacentre Gaming 5 17iab7 Firmware Version < m42kt46a

Lenovo ≫ Ideacentre Gaming 5 17iab7 Version-

Lenovo ≫ Ideacentre Gaming 5 17acn7 Firmware Version-

Lenovo ≫ Ideacentre Gaming 5 17acn7 Version-

Lenovo ≫ Ideacentre G5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre G5-14imb05 Version-

Lenovo ≫ Ideacentre G5-14amr05 Firmware Version < o4zkt2ba

Lenovo ≫ Ideacentre G5-14amr05 Version-

Lenovo ≫ Ideacentre Creator 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre Creator 5-14iob6 Version-

Lenovo ≫ Ideacentre Aio 5 27iah7 Firmware Version < o5rkt41a

Lenovo ≫ Ideacentre Aio 5 27iah7 Version-

Lenovo ≫ Ideacentre Aio 5 24iah7 Firmware Version < o5rkt41a

Lenovo ≫ Ideacentre Aio 5 24iah7 Version-

Lenovo ≫ Ideacentre Aio 3-27itl6 Firmware Version < o5akt34a

Lenovo ≫ Ideacentre Aio 3-27itl6 Version-

Lenovo ≫ Ideacentre Aio 3-27imb05 Firmware Version < o4rkt31a

Lenovo ≫ Ideacentre Aio 3-27imb05 Version-

Lenovo ≫ Ideacentre Aio 3-24itl6 Firmware Version < o5akt34a

Lenovo ≫ Ideacentre Aio 3-24itl6 Version-

Lenovo ≫ Ideacentre Aio 3-24imb05 Firmware Version < o4rkt31a

Lenovo ≫ Ideacentre Aio 3-24imb05 Version-

Lenovo ≫ Ideacentre Aio 3-24iil5 Firmware Version < o56kt24a

Lenovo ≫ Ideacentre Aio 3-24iil5 Version-

Lenovo ≫ Ideacentre Aio 3-24alc6 Firmware Version < o5bkt25a

Lenovo ≫ Ideacentre Aio 3-24alc6 Version-

Lenovo ≫ Ideacentre Aio 3-22itl6 Firmware Version < o5akt34a

Lenovo ≫ Ideacentre Aio 3-22itl6 Version-

Lenovo ≫ Ideacentre Aio 3-22imb05 Firmware Version < o4rkt31a

Lenovo ≫ Ideacentre Aio 3-22imb05 Version-

Lenovo ≫ Ideacentre Aio 3-22iil5 Firmware Version < o56kt24a

Lenovo ≫ Ideacentre Aio 3-22iil5 Version-

Lenovo ≫ Ideacentre Aio 3 27iap7 Firmware Version < o5nkt33a

Lenovo ≫ Ideacentre Aio 3 27iap7 Version-

Lenovo ≫ Ideacentre Aio 3 24iap7 Firmware Version < o5nkt33a

Lenovo ≫ Ideacentre Aio 3 24iap7 Version-

Lenovo ≫ Ideacentre Aio 3 22iap7 Firmware Version < o5nkt33a

Lenovo ≫ Ideacentre Aio 3 22iap7 Version-

Lenovo ≫ Ideacentre Aio 3 21itl7 Firmware Version < o5akt34a

Lenovo ≫ Ideacentre Aio 3 21itl7 Version-

Lenovo ≫ Ideacentre 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre 5-14iob6 Version-

Lenovo ≫ Ideacentre 5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre 5-14imb05 Version-

Lenovo ≫ V30a-22iml Firmware Version < m37kt31a

Lenovo ≫ V30a-22iml Version-

Lenovo ≫ V30a-22itl Firmware Version < o5akt34a

Lenovo ≫ V30a-22itl Version-

Lenovo ≫ V30a-24iml Firmware Version < m37kt31a

Lenovo ≫ V30a-24iml Version-

Lenovo ≫ V30a-24itl Firmware Version < o5akt34a

Lenovo ≫ V30a-24itl Version-

Lenovo ≫ V50a-22imb Firmware Version < m36kt32a

Lenovo ≫ V50a-22imb Version-

Lenovo ≫ V50a-24imb Firmware Version < m36kt32a

Lenovo ≫ V50a-24imb Version-

Lenovo ≫ V50s-07imb Firmware Version < m2vkt21a

Lenovo ≫ V50s-07imb Version-

Lenovo ≫ V50t-13imb Firmware Version < o4hkt3ca

Lenovo ≫ V50t-13imb Version-

Lenovo ≫ V50t-13imh Firmware Version < m4pkt16a

Lenovo ≫ V50t-13imh Version-

Lenovo ≫ V50t-13iob Firmware Version < m3gkt3da

Lenovo ≫ V50t-13iob Version-

Lenovo ≫ V55t Gen 2 13acn Firmware Version < o5jkt2ca

Lenovo ≫ V55t Gen 2 13acn Version-

Lenovo ≫ Yoga Aio 7 27arh7 Firmware Version-

Lenovo ≫ Yoga Aio 7 27arh7 Version-

Lenovo ≫ Yoga Aio 7-27arh6 Firmware Version-

Lenovo ≫ Yoga Aio 7-27arh6 Version-

Lenovo ≫ Thinkedge Se30 Firmware Version-

Lenovo ≫ Thinkedge Se30 Version-

Lenovo ≫ Thinkstation P920 Workstation Firmware Version-

Lenovo ≫ Thinkstation P920 Workstation Version-

Lenovo ≫ Thinkstation P720 Workstation Firmware Version-

Lenovo ≫ Thinkstation P720 Workstation Version-

Lenovo ≫ Thinkstation P520c Workstation Firmware Version-

Lenovo ≫ Thinkstation P520c Workstation Version-

Lenovo ≫ Thinkstation P520 Workstation Firmware Version-

Lenovo ≫ Thinkstation P520 Workstation Version-

Lenovo ≫ Thinkstation P360 Workstation Firmware Version-

Lenovo ≫ Thinkstation P360 Workstation Version-

Lenovo ≫ Thinkstation P360 Workstation Firmware Version < s0ekt45a

Lenovo ≫ Thinkstation P360 Workstation Version-

Lenovo ≫ Thinkstation P360 Ultra Workstation Firmware Version-

Lenovo ≫ Thinkstation P360 Ultra Workstation Version-

Lenovo ≫ Thinkstation P360 Tiny Workstation Firmware Version-

Lenovo ≫ Thinkstation P360 Tiny Workstation Version-

Lenovo ≫ Thinkstation P358 Workstation Firmware Version < s0hkt23a

Lenovo ≫ Thinkstation P358 Workstation Version-

Lenovo ≫ Thinkstation P350 Workstation Firmware Version-

Lenovo ≫ Thinkstation P350 Workstation Version-

Lenovo ≫ Thinkstation P350 Tiny Workstation Firmware Version-

Lenovo ≫ Thinkstation P350 Tiny Workstation Version-

Lenovo ≫ Thinkstation P348 Workstation Firmware Version-

Lenovo ≫ Thinkstation P348 Workstation Version-

Lenovo ≫ Thinkstation P340 Workstation Firmware Version < s08kt55a

Lenovo ≫ Thinkstation P340 Workstation Version-

Lenovo ≫ Thinkstation P340 Tiny Workstation Firmware Version-

Lenovo ≫ Thinkstation P340 Tiny Workstation Version-

Lenovo ≫ Thinkstation P330 Workstation 2nd Gen Firmware Version < m1vkt73a

Lenovo ≫ Thinkstation P330 Workstation 2nd Gen Version-

Lenovo ≫ Thinkstation P330 Workstation Firmware Version < m1vkt73a

Lenovo ≫ Thinkstation P330 Workstation Version-

Lenovo ≫ Thinkstation P320 Workstation Firmware Version-

Lenovo ≫ Thinkstation P320 Workstation Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.207

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
psirt@lenovo.com	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-126 Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

https://support.lenovo.com/us/en/product_security/LEN-141775

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-43568

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-43568

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-43568

EUVD