6.7
CVE-2024-3100
- EPSS 0.04%
- Published 13.09.2024 18:15:04
- Last modified 14.09.2024 11:47:14
- Source psirt@lenovo.com
- Teams watchlist Login
- Open Login
A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorlenovo
≫
Product
ideapad_1-11igl05_firmware
Default Statusunaffected
Version <
dwcn31ww
Version
0
Status
affected
Vendorlenovo
≫
Product
flex_5-14itl05_firmware
Default Statusunaffected
Version <
fxcn47ww
Version
0
Status
affected
Vendorlenovo
≫
Product
100w_gen_3_firmware
Default Statusunaffected
Version <
gacn48ww
Version
0
Status
affected
Vendorlenovo
≫
Product
yoga_slim_7_pro-14ach5_o_firmware
Default Statusunaffected
Version <
gzcn36ww
Version
0
Status
affected
Vendorlenovo
≫
Product
14w_gen_2_firmware
Default Statusunaffected
Version <
h0cn29ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_5-15alc05_firmware
Default Statusunaffected
Version <
h2cn35ww
Version
0
Status
affected
Vendorlenovo
≫
Product
thinkbook_13s_g4_iap_firmware
Default Statusunaffected
Version <
hwcn52ww
Version
0
Status
affected
Vendorlenovo
≫
Product
thinkbook_13x_g2_iap_firmware
Default Statusunaffected
Version <
hxcn57ww
Version
0
Status
affected
Vendorlenovo
≫
Product
thinkbook_13s_g4_arb_firmware
Default Statusunaffected
Version <
hzcx55ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_flex_5_16iau7_firmware
Default Statusunaffected
Version <
j7cn48ww
Version
0
Status
affected
Vendorlenovo
≫
Product
13w_yoga_firmware
Default Statusunaffected
Version <
jacn41ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_flex_5_14alc7_firmware
Default Statusunaffected
Version <
jccn40ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_1_15alc7_firmware
Default Statusunaffected
Version <
jtcn54ww
Version
0
Status
affected
Vendorlenovo
≫
Product
13w_yoga_gen_2_firmware
Default Statusunaffected
Version <
kbcn29ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_slim_3_15amn8_firmware
Default Statusunaffected
Version <
l1cn41ww
Version
0
Status
affected
Vendorlenovo
≫
Product
500w_yoga_gen_4_firmware
Default Statusunaffected
Version <
l2cn34ww
Version
0
Status
affected
Version <
l3cn34ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_flex_5_16iru8_firmware
Default Statusunaffected
Version <
l6cn24ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_flex_5_16abr8_firmware
Default Statusunaffected
Version <
l7cn21ww
Version
0
Status
affected
Vendorlenovo
≫
Product
k14_g2_iru_firmware
Default Statusunaffected
Version <
mmcn36ww
Version
0
Status
affected
Vendorlenovo
≫
Product
thinkbook_16_g6_abp_firmware
Default Statusunaffected
Version <
mncn27ww
Version
0
Status
affected
Vendorlenovo
≫
Product
v15_g4_abp_firmware
Default Statusunaffected
Version <
mscn16ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_3-17alc6_firmware
Default Statusunaffected
Version <
glcn63ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_slim_3_16abr8_firmware
Default Statusunaffected
Version <
kycn32ww
Version
0
Status
affected
Vendorlenovo
≫
Product
ideapad_slim_5_light_14abr8_firmware
Default Statusunaffected
Version <
l9cn26ww
Version
0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.101 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| psirt@lenovo.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).