CVE-2023-45079

EPSS 0.04%
Published 08.11.2023 23:15:11
Last modified 21.11.2024 08:26:21
Source psirt@lenovo.com
Teams watchlist Login
Open Login

A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ Ideacentre C5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre C5-14imb05 Version-

Lenovo ≫ Ideacentre 3-07ada05 Firmware Version < o4fkt39a

Lenovo ≫ Ideacentre 3-07ada05 Version-

Lenovo ≫ Ideacentre 3-07imb05 Firmware Version < m2vkt21a

Lenovo ≫ Ideacentre 3-07imb05 Version-

Lenovo ≫ Ideacentre G5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre G5-14imb05 Version-

Lenovo ≫ Ideacentre 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre 5-14iob6 Version-

Lenovo ≫ Ideacentre Creator 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre Creator 5-14iob6 Version-

Lenovo ≫ Ideacentre G5-14amr05 Firmware Version < o4zkt2ba

Lenovo ≫ Ideacentre G5-14amr05 Version-

Lenovo ≫ Ideacentre G5-14imb05 Firmware Version < o4hkt3ca

Lenovo ≫ Ideacentre G5-14imb05 Version-

Lenovo ≫ Ideacentre Gaming 5-14iob6 Firmware Version < m3gkt3da

Lenovo ≫ Ideacentre Gaming 5-14iob6 Version-

Lenovo ≫ Ideacentre Mini 5 01iaq7 Firmware Version < o53kt10a

Lenovo ≫ Ideacentre Mini 5 01iaq7 Version-

Lenovo ≫ Ideacentre Mini 5-01imh05 Firmware Version < o4ekt1ba

Lenovo ≫ Ideacentre Mini 5-01imh05 Version-

Lenovo ≫ Legion T7-34imz5 Firmware Version < o5fkt17a

Lenovo ≫ Legion T7-34imz5 Version-

Lenovo ≫ Thinkcentre M625q Firmware Version < m1wkt52a

Lenovo ≫ Thinkcentre M625q Version-

Lenovo ≫ Thinkcentre M630e Firmware Version-

Lenovo ≫ Thinkcentre M630e Version-

Lenovo ≫ Thinkcentre M70a Firmware Version < m2skt29a

Lenovo ≫ Thinkcentre M70a Version-

Lenovo ≫ Thinkcentre M920z All-in-one Firmware Version < m1mkt56a

Lenovo ≫ Thinkcentre M920z All-in-one Version-

Lenovo ≫ Thinkcentre M920x Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M920x Version-

Lenovo ≫ Thinkcentre M920t Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M920t Version-

Lenovo ≫ Thinkcentre M920s Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M920s Version-

Lenovo ≫ Thinkcentre M920q Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M920q Version-

Lenovo ≫ Thinkcentre M90t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M90t Version-

Lenovo ≫ Thinkcentre M90s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M90s Version-

Lenovo ≫ Thinkcentre M90q Tiny Firmware Version < m2wkt5aa

Lenovo ≫ Thinkcentre M90q Tiny Version-

Lenovo ≫ Thinkcentre M90a Firmware Version < m2rkt57a

Lenovo ≫ Thinkcentre M90a Version-

Lenovo ≫ Thinkcentre M820z All-in-one Firmware Version < m1nkt62a

Lenovo ≫ Thinkcentre M820z All-in-one Version-

Lenovo ≫ Thinkcentre M80t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M80t Version-

Lenovo ≫ Thinkcentre M80s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M80s Version-

Lenovo ≫ Thinkcentre M80q Firmware Version < m2wkt5aa

Lenovo ≫ Thinkcentre M80q Version-

Lenovo ≫ Thinkcentre M75t Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M75t Gen 2 Version-

Lenovo ≫ Thinkcentre M75s Gen 2 Firmware Version-

Lenovo ≫ Thinkcentre M75s Gen 2 Version-

Lenovo ≫ Thinkcentre M75q Gen 2 Firmware Version < m47kt30a

Lenovo ≫ Thinkcentre M75q Gen 2 Version-

Lenovo ≫ Thinkcentre M75n Firmware Version < m33kt27a

Lenovo ≫ Thinkcentre M75n Version-

Lenovo ≫ Thinkcentre M720t Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M720t Version-

Lenovo ≫ Thinkcentre M720s Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M720s Version-

Lenovo ≫ Thinkcentre M720q Firmware Version < m1ukt72a

Lenovo ≫ Thinkcentre M720q Version-

Lenovo ≫ Thinkcentre M70t Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M70t Version-

Lenovo ≫ Thinkcentre M70s Firmware Version < m2tkt55a

Lenovo ≫ Thinkcentre M70s Version-

Lenovo ≫ Thinkcentre M70q Firmware Version < m2wkt5aa

Lenovo ≫ Thinkcentre M70q Version-

Lenovo ≫ Thinkcentre M70c Firmware Version < m2vkt21a

Lenovo ≫ Thinkcentre M70c Version-

Lenovo ≫ V50t-13iob G2 Firmware Version < m3gkt3da

Lenovo ≫ V50t-13iob G2 Version-

Lenovo ≫ V55t Gen 2 13acn Firmware Version < o5jkt23a

Lenovo ≫ V55t Gen 2 13acn Version-

Lenovo ≫ V50t-13imh Firmware Version < m4pkt13a

Lenovo ≫ V50t-13imh Version-

Lenovo ≫ V50t-13imb Firmware Version < o4hkt3ca

Lenovo ≫ V50t-13imb Version-

Lenovo ≫ V50s-07imb Firmware Version < m2vkt21a

Lenovo ≫ V50s-07imb Version-

Lenovo ≫ V50a-24imb Firmware Version < m36kt32a

Lenovo ≫ V50a-24imb Version-

Lenovo ≫ V50a-22imb Firmware Version < m36kt32a

Lenovo ≫ V50a-22imb Version-

Lenovo ≫ V30a-24iml Firmware Version < m37kt31a

Lenovo ≫ V30a-24iml Version-

Lenovo ≫ V30a-22iml Firmware Version < m37kt31a

Lenovo ≫ V30a-22iml Version-

Lenovo ≫ Thinkcentre M70c Firmware Version < m2vkt21a

Lenovo ≫ Thinkcentre M70c Version-

Lenovo ≫ Thinkedge Se30 Firmware Version < m3fkt2da

Lenovo ≫ Thinkedge Se30 Version-

Lenovo ≫ Thinkstation P920 Workstation Firmware Version-

Lenovo ≫ Thinkstation P920 Workstation Version-

Lenovo ≫ Thinkstation P720 Workstation Firmware Version-

Lenovo ≫ Thinkstation P720 Workstation Version-

Lenovo ≫ Thinkstation P520c Workstation Firmware Version-

Lenovo ≫ Thinkstation P520c Workstation Version-

Lenovo ≫ Thinkstation P520 Workstation Firmware Version-

Lenovo ≫ Thinkstation P520 Workstation Version-

Lenovo ≫ Thinkstation P360 Workstation Firmware Version-

Lenovo ≫ Thinkstation P360 Workstation Version-

Lenovo ≫ Thinkstation P360 Workstation Firmware Version < s0ekt45a

Lenovo ≫ Thinkstation P360 Workstation Version-

Lenovo ≫ Thinkstation P350 Workstation Firmware Version-

Lenovo ≫ Thinkstation P350 Workstation Version-

Lenovo ≫ Thinkstation P348 Workstation Firmware Version < m3kkt3ba

Lenovo ≫ Thinkstation P348 Workstation Version-

Lenovo ≫ Thinkstation P340 Workstation Firmware Version < s08kt55a

Lenovo ≫ Thinkstation P340 Workstation Version-

Lenovo ≫ Thinkstation P340 Tiny Workstation Firmware Version < m2wkt5aa

Lenovo ≫ Thinkstation P340 Tiny Workstation Version-

Lenovo ≫ Thinkstation P330 Workstation 2nd Gen Firmware Version < m1vkt72a

Lenovo ≫ Thinkstation P330 Workstation 2nd Gen Version-

Lenovo ≫ Thinkstation P330 Workstation Firmware Version < m1vkt72a

Lenovo ≫ Thinkstation P330 Workstation Version-

Lenovo ≫ Thinkstation P330 Tiny Workstation Firmware Version < m1ukt72a

Lenovo ≫ Thinkstation P330 Tiny Workstation Version-

Lenovo ≫ Thinkstation P320 Workstation Firmware Version < s06kt64a

Lenovo ≫ Thinkstation P320 Workstation Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
psirt@lenovo.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://support.lenovo.com/us/en/product_security/LEN-141775

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-45079

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-45079

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-45079

EUVD