Lucene search

[email protected]CVE-2022-3745

HistoryAug 23, 2023 - 8:15 p.m.

CVE-2022-3745

2023-08-2320:15:08

CWE-200

[email protected]

web.nvd.nist.gov

vulnerability

lcfc bios

lenovo

notebooks

local attacker

smi

nvd

cve-2022-3745

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.

Affected configurations

NVD

Node

lenovoideapad_1_14iau7Match-

AND

lenovoideapad_1_14iau7_firmwareRange<jkcn34ww

Node

lenovoideapad_1_14igl7Match-

AND

lenovoideapad_1_14igl7_firmwareRange<kkcn15ww

Node

lenovoideapad_1_15iau7Match-

AND

lenovoideapad_1_15iau7_firmwareRange<jkcn34ww

Node

lenovoideapad_1_15igl7Match-

AND

lenovoideapad_1_15igl7_firmwareRange<kkcn15ww

Node

lenovoideapad_1-14ijl7Match-

AND

lenovoideapad_1-14ijl7_firmwareRange<htcn31ww

Node

lenovoideapad_1-15ijl7Match-

AND

lenovoideapad_1-15ijl7_firmwareRange<htcn31ww

Node

lenovoideapad_3_14iau7Match-

AND

lenovoideapad_3_14iau7_firmwareRange<jkcn34ww

Node

lenovoideapad_3_15iau7Match-

AND

lenovoideapad_3_15iau7_firmwareRange<jkcn34ww

Node

lenovoideapad_3_17iau7Match-

AND

lenovoideapad_3_17iau7_firmwareRange<jkcn34ww

Node

lenovoideapad_3-15igl05Match-

AND

lenovoideapad_3-15igl05_firmwareRange<dvcn28ww

Node

lenovoideapad_3-17iil05Match-

AND

lenovoideapad_3-17iil05_firmwareRange<emcn56ww

Node

lenovoideapad_3-17itl6Match-

AND

lenovoideapad_3-17itl6_firmwareRange<ggcn51ww

Node

lenovoideapad_5_15ial7_firmwareRange<jbcn27ww

AND

lenovoideapad_5_15ial7Match-

Node

lenovoideapad_5-15itl05_firmwareRange<fhcn70ww

AND

lenovoideapad_5-15itl05Match-

Node

lenovol3-15iml05_firmwareRange<ejcn30ww

AND

lenovol3-15iml05Match-

Node

lenovol3-15itl6_firmwareRange<gfcn29ww

AND

lenovol3-15itl6Match-

Node

lenovolegion_5_15iah7_firmwareRange<j2cn49ww

AND

lenovolegion_5_15iah7Match-

Node

lenovolegion_5_15iah7h_firmwareRange<j2cn49ww

AND

lenovolegion_5_15iah7hMatch-

Node

lenovolegion_5_pro_16iah7_firmwareRange<j2cn49ww

AND

lenovolegion_5_pro_16iah7Match-

Node

lenovolegion_5_pro_16iah7h_firmwareRange<j2cn49ww

AND

lenovolegion_5_pro_16iah7hMatch-

Node

lenovolegion_5_pro-16ith6_firmwareRange<h1cn52ww

AND

lenovolegion_5_pro-16ith6Match-

Node

lenovolegion_5_pro-16ith6h_firmwareRange<h1cn52ww

AND

lenovolegion_5_pro-16ith6hMatch-

Node

lenovolegion_5-15imh05_firmwareRange<efcn58ww

AND

lenovolegion_5-15imh05Match-

Node

lenovolegion_5-15imh05h_firmwareRange<efcn58ww

AND

lenovolegion_5-15imh05hMatch-

Node

lenovolegion_5-15imh6_firmwareRange<g8cn22ww

AND

lenovolegion_5-15imh6Match-

Node

lenovolegion_5-15ith6_firmwareRange<h1cn52ww

AND

lenovolegion_5-15ith6Match-

Node

lenovolegion_5-15ith6h_firmwareRange<h1cn52ww

AND

lenovolegion_5-15ith6hMatch-

Node

lenovolegion_5-17imh05_firmwareRange<efcn58ww

AND

lenovolegion_5-17imh05Match-

Node

lenovolegion_5-17imh05h_firmwareRange<efcn58ww

AND

lenovolegion_5-17imh05hMatch-

Node

lenovolegion_5-17ith6_firmwareRange<h1cn52ww

AND

lenovolegion_5-17ith6Match-

Node

lenovolegion_5-17ith6h_firmwareRange<h1cn52ww

AND

lenovolegion_5-17ith6hMatch-

Node

lenovolegion_5p-15imh05_firmwareRange<efcn58ww

AND

lenovolegion_5p-15imh05Match-

Node

lenovolegion_5p-15imh05h_firmwareRange<efcn58ww

AND

lenovolegion_5p-15imh05hMatch-

Node

lenovolegion_7_16iax7_firmwareRange<k1cn40ww

AND

lenovolegion_7_16iax7Match-

Node

lenovolegion_7-16ithg6_firmwareRange<h1cn52ww

AND

lenovolegion_7-16ithg6Match-

Node

lenovos14_g2_itl_firmwareRange<ggcn51ww

AND

lenovos14_g2_itlMatch-

Node

lenovos14_g3_iap_firmwareRange<jkcn34ww

AND

lenovos14_g3_iapMatch-

Node

lenovoslim_7_14iap7_firmwareRange<jhcn28ww

AND

lenovoslim_7_14iap7Match-

Node

lenovoslim_7_carbon_13iap7_firmwareRange<k2cn34ww

AND

lenovoslim_7_carbon_13iap7Match-

Node

lenovoslim_7_prox_14iah7_firmwareRange<hmcn41ww

AND

lenovoslim_7_prox_14iah7Match-

Node

lenovoslim_9_14iap7_firmwareRange<j3cn49ww

AND

lenovoslim_9_14iap7Match-

Node

lenovothinkbook_15p_imh_firmwareRange<f6cn26ww

AND

lenovothinkbook_15p_imhMatch-

Node

lenovov14_g2_ijl_firmwareRange<htcn31ww

AND

lenovov14_g2_ijlMatch-

Node

lenovov14_g3_iap_firmwareRange<jkcn34ww

AND

lenovov14_g3_iapMatch-

Node

lenovov15_g2_ijl_firmwareRange<htcn31ww

AND

lenovov15_g2_ijlMatch-

Node

lenovov15_g3_iap_firmwareRange<jkcn34ww

AND

lenovov15_g3_iapMatch-

Node

lenovov17_g3_iap_firmwareRange<jkcn34ww

AND

lenovov17_g3_iapMatch-

Node

lenovos540-13itl_firmwareRange<fzcn26ww

AND

lenovos540-13itlMatch-

Node

lenovoslim_7_pro-14ihu5_firmwareRange<fjcn74ww

AND

lenovoslim_7_pro-14ihu5Match-

Node

lenovoslim_9-14itl05_firmwareRange<escn56ww

AND

lenovoslim_9-14itl05Match-

Node

lenovothinkbook_15p_g2_ith_firmwareRange<hjcn32ww

AND

lenovothinkbook_15p_g2_ithMatch-

Node

lenovov14_g1-iml_firmwareRange<dxcn44ww

AND

lenovov14_g1-imlMatch-

Node

lenovov14_g2-itl_firmwareRange<ggcn51ww

AND

lenovov14_g2-itlMatch-

Node

lenovov14-igl_firmwareRange<dvcn28ww

AND

lenovov14-iglMatch-

Node

lenovov15_g1-iml_firmwareRange<dxcn44ww

AND

lenovov15_g1-imlMatch-

Node

lenovov15_g2-itl_firmwareRange<ggcn51ww

AND

lenovov15_g2-itlMatch-

Node

lenovov15-igl_firmwareRange<dvcn28ww

AND

lenovov15-iglMatch-

Node

lenovov17_g2-itl_firmwareRange<ggcn51ww

AND

lenovov17_g2-itlMatch-

Node

lenovov17-iil_firmwareRange<emcn56ww

AND

lenovov17-iilMatch-

Node

lenovoyoga_7_14ial7_firmwareRange<j1cn35ww

AND

lenovoyoga_7_14ial7Match-

Node

lenovoyoga_7_16iah7_firmwareRange<j1cn35ww

AND

lenovoyoga_7_16iah7Match-

Node

lenovoyoga_7_16iap7_firmwareRange<j1cn35ww

AND

lenovoyoga_7_16iap7Match-

Node

lenovoyoga_7-14itl5_firmwareRange<f5cn59ww

AND

lenovoyoga_7-14itl5Match-

Node

lenovoyoga_7-15itl5_firmwareRange<f5cn59ww

AND

lenovoyoga_7-15itl5Match-

Node

lenovoyoga_9_14iap7_firmwareRange<hncn42ww

AND

lenovoyoga_9_14iap7Match-

Node

lenovoyoga_slim_7_carbon_13iap7_firmwareRange<k2cn34ww

AND

lenovoyoga_slim_7_carbon_13iap7Match-

Node

lenovoyoga_slim_7_pro_14iah7_firmwareRange<krcn14ww

AND

lenovoyoga_slim_7_pro_14iah7Match-

Node

lenovoyoga_slim_7_pro_14iap7_firmwareRange<jhcn28ww

AND

lenovoyoga_slim_7_pro_14iap7Match-

Node

lenovoyoga_slim_7_pro-14ihu5_firmwareRange<fjcn74ww

AND

lenovoyoga_slim_7_pro-14ihu5Match-

Node

lenovoyoga_slim_7_pro-14ihu5_o_firmwareRange<fjcn74ww

AND

lenovoyoga_slim_7_pro-14ihu5_oMatch-

Node

lenovoyoga_slim_7_pro-14itl5_firmwareRange<fjcn74ww

AND

lenovoyoga_slim_7_pro-14itl5Match-

Node

lenovoyoga_slim_7_prox_14iah7_firmwareRange<hmcn41ww

AND

lenovoyoga_slim_7_prox_14iah7Match-

Node

lenovoyoga_slim_9_14iap7_firmwareRange<j3cn49ww

AND

lenovoyoga_slim_9_14iap7Match-

Node

lenovoyoga_slim_9-14itl05_firmwareRange<escn56ww

AND

lenovoyoga_slim_9-14itl05Match-

Node

lenovoideapad_3-14igl05_firmwareRange<dvcn28ww

AND

lenovoideapad_3-14igl05Match-

Node

lenovoideapad_3-14iil05_firmwareRange<emcn56ww

AND

lenovoideapad_3-14iil05Match-

Node

lenovoideapad_3-14iml05_firmwareRange<dxcn44ww

AND

lenovoideapad_3-14iml05Match-

Node

lenovoideapad_3-14itl05_firmwareRange<gccn32ww

AND

lenovoideapad_3-14itl05Match-

Node

lenovoideapad_3-14itl6_firmwareRange<ggcn51ww

AND

lenovoideapad_3-14itl6Match-

Node

lenovoideapad_3-15iil05_firmwareRange<emcn56ww

AND

lenovoideapad_3-15iil05Match-

Node

lenovoideapad_3-15iml05_firmwareRange<dxcn44ww

AND

lenovoideapad_3-15iml05Match-

Node

lenovoideapad_3-15itl05_firmwareRange<gccn32ww

AND

lenovoideapad_3-15itl05Match-

Node

lenovoideapad_3-15itl6_firmwareRange<ggcn51ww

AND

lenovoideapad_3-15itl6Match-

Node

lenovoideapad_3-17iml05_firmwareRange<dxcn44ww

AND

lenovoideapad_3-17iml05Match-

Node

lenovoideapad_5-15iil05_firmwareRange<dpcn58ww

AND

lenovoideapad_5-15iil05Match-

Node

lenovoideapad_creator_5-15imh05_firmwareRange<egcn40ww

AND

lenovoideapad_creator_5-15imh05Match-

Node

lenovoideapad_gaming_3-15imh05_firmwareRange<egcn40ww

AND

lenovoideapad_gaming_3-15imh05Match-

CPENameOperatorVersion
lenovo:ideapad_1_14iau7_firmwarelenovo ideapad 1 14iau7 firmwareltjkcn34ww

CPE	Name	Operator	Version
lenovo:ideapad_1_14iau7_firmware	lenovo ideapad 1 14iau7 firmware	lt	jkcn34ww

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Notebook",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-103710

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-3745

cvelist1 prion1 nvd1