Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-43570
HistoryNov 08, 2023 - 10:15 p.m.

CVE-2023-43570

2023-11-0822:15:10
CWE-20
[email protected]
web.nvd.nist.gov
21
vulnerability
smi
callback function
oemsmi driver
local attacker
arbitrary code
nvd
cve-2023-43570

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code.

Affected configurations

NVD
Node
lenovoideacentre_c5-14imb05_firmwareRange<o4hkt3ca
AND
lenovoideacentre_c5-14imb05Match-
Node
lenovoideacentre_3-07ada05_firmwareRange<o4fkt39a
AND
lenovoideacentre_3-07ada05Match-
Node
lenovoideacentre_3-07imb05_firmwareRange<m2vkt21a
AND
lenovoideacentre_3-07imb05Match-
Node
lenovoideacentre_5_14iab7_firmwareRange<m42kt46a
AND
lenovoideacentre_5_14iab7Match-
Node
lenovoideacentre_5_14irb8_firmwareRange<m4ukt36a
AND
lenovoideacentre_5_14irb8Match-
Node
lenovoideacentre_5-14acn6_firmwareMatch-
AND
lenovoideacentre_5-14acn6Match-
Node
lenovoideacentre_t540-15ama_g_firmwareMatch-
AND
lenovoideacentre_t540-15ama_gMatch-
Node
lenovothinkcentre_neo_70t_gen_3_firmwareRange<m40kt45a
AND
lenovothinkcentre_neo_70t_gen_3Match-
Node
lenovothinkcentre_neo_50t_gen_3_firmwareRange<m42kt46a
AND
lenovothinkcentre_neo_50t_gen_3Match-
Node
lenovothinkcentre_neo_50a_24_gen_4_firmwareRange<o5xkt18a
AND
lenovothinkcentre_neo_50a_24_gen_4Match-
Node
lenovothinkcentre_neo_50a_24_gen_3_firmwareRange<o5rkt41a
AND
lenovothinkcentre_neo_50a_24_gen_3Match-
Node
lenovothinkcentre_neo_30a_27_gen_4_firmwareRange<o5nkt33a
OR
lenovothinkcentre_neo_30a_27_gen_4_firmwareMatcho5nkt33a
AND
lenovothinkcentre_neo_30a_27_gen_4Match-
Node
lenovothinkcentre_neo_30a_27_gen_3_firmwareRange<o5nkt33a
AND
lenovothinkcentre_neo_30a_27_gen_3Match-
Node
lenovothinkcentre_neo_30a_24_gen_4_firmwareRange<o5nkt33a
AND
lenovothinkcentre_neo_30a_24_gen_4Match-
Node
lenovothinkcentre_neo_30a_24_gen_3_firmwareRange<o5nkt33a
AND
lenovothinkcentre_neo_30a_24_gen_3Match-
Node
lenovothinkcentre_neo_30a_22_gen_4_firmwareRange<o5nkt33a
AND
lenovothinkcentre_neo_30a_22_gen_4Match-
Node
lenovothinkcentre_neo_30a_22_gen_3_firmwareRange<o5nkt33a
AND
lenovothinkcentre_neo_30a_22_gen_3Match-
Node
lenovothinkcentre_m920z_all-in-one_firmwareRange<m1mkt56a
AND
lenovothinkcentre_m920z_all-in-oneMatch-
Node
lenovothinkcentre_m90t_gen_3_firmwareRange<m40kt45a
AND
lenovothinkcentre_m90t_gen_3Match-
Node
lenovothinkcentre_m90t_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m90tMatch-
Node
lenovothinkcentre_m90s_gen_3_firmwareRange<m40kt45a
AND
lenovothinkcentre_m90s_gen_3Match-
Node
lenovothinkcentre_m90s_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m90sMatch-
Node
lenovothinkcentre_m90q_tiny_firmwareMatch-
AND
lenovothinkcentre_m90q_tinyMatch-
Node
lenovothinkcentre_m90q_gen_3_firmwareMatch-
AND
lenovothinkcentre_m90q_gen_3Match-
Node
lenovothinkcentre_m90q_gen_2_firmwareMatch-
AND
lenovothinkcentre_m90q_gen_2Match-
Node
lenovothinkcentre_m90a_pro_gen_3_firmwareRange<m4hkt1da
AND
lenovothinkcentre_m90a_pro_gen_3Match-
Node
lenovothinkcentre_m90a_gen_3_firmwareRange<m4ikt1da
AND
lenovothinkcentre_m90a_gen_3Match-
Node
lenovothinkcentre_m90a_gen_2_firmwareRange<m3lkt2aa
AND
lenovothinkcentre_m90a_gen_2Match-
Node
lenovothinkcentre_m90a_firmwareRange<m2rkt57a
AND
lenovothinkcentre_m90aMatch-
Node
lenovothinkcentre_m80t_gen_3_firmwareRange<m40kt45a
AND
lenovothinkcentre_m80t_gen_3Match-
Node
lenovothinkcentre_m80t_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m80tMatch-
Node
lenovothinkcentre_m80s_gen_3_firmwareRange<m40kt45a
AND
lenovothinkcentre_m80s_gen_3Match-
Node
lenovothinkcentre_m80s_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m80sMatch-
Node
lenovothinkcentre_m80q_gen_3_firmwareMatch-
AND
lenovothinkcentre_m80q_gen_3Match-
Node
lenovothinkcentre_m80q_firmwareMatch-
AND
lenovothinkcentre_m80qMatch-
Node
lenovothinkcentre_m75t_gen_2_firmwareMatch-
AND
lenovothinkcentre_m75t_gen_2Match-
Node
lenovothinkcentre_m75s_gen_2_firmwareMatch-
AND
lenovothinkcentre_m75s_gen_2Match-
Node
lenovothinkcentre_m75q_gen_2_firmwareMatch-
AND
lenovothinkcentre_m75q_gen_2Match-
Node
lenovothinkcentre_m75n_firmwareRange<m33kt29a
AND
lenovothinkcentre_m75nMatch-
Node
lenovothinkcentre_m70t_gen_3_firmwareRange<m41kt45a
AND
lenovothinkcentre_m70t_gen_3Match-
Node
lenovothinkcentre_m70t_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m70tMatch-
Node
lenovothinkcentre_m70s_gen_3_firmwareRange<m41kt45a
AND
lenovothinkcentre_m70s_gen_3Match-
Node
lenovothinkcentre_m70s_firmwareRange<m2tkt55a
AND
lenovothinkcentre_m70sMatch-
Node
lenovothinkcentre_m70q_gen_2_firmwareMatch-
AND
lenovothinkcentre_m70q_gen_2Match-
Node
lenovothinkcentre_m70q_firmwareMatch-
AND
lenovothinkcentre_m70qMatch-
Node
lenovothinkcentre_m70c_firmwareRange<m2vkt21a
AND
lenovothinkcentre_m70cMatch-
Node
lenovothinkcentre_m70a_gen_3_firmwareMatch-
AND
lenovothinkcentre_m70a_gen_3Match-
Node
lenovothinkcentre_m630e_firmwareRange<m28kt42a
AND
lenovothinkcentre_m630eMatch-
Node
lenovothinkcentre_m625q_firmwareMatch-
AND
lenovothinkcentre_m625qMatch-
Node
lenovoloq_17irb8_firmwareRange<m4ukt36a
AND
lenovoloq_17irb8Match-
Node
lenovolegion_t5_26iab7_firmwareRange<o5lkt2ba
AND
lenovolegion_t5_26iab7Match-
Node
lenovolegion_t7-34imz5_firmwareRange<o5fkt17a
AND
lenovolegion_t7-34imz5Match-
Node
lenovolegion_t7-34iaz7_firmwareRange<o5hkt2ca
AND
lenovolegion_t7-34iaz7Match-
Node
lenovolegion_t7_34irz8_firmwareRange<o5ukt1fa
AND
lenovolegion_t7_34irz8Match-
Node
lenovolegion_t5_26irb8_firmwareRange<o5tkt1ca
AND
lenovolegion_t5_26irb8Match-
Node
lenovoideacentre_mini_5-01imh05_firmwareMatch-
AND
lenovoideacentre_mini_5-01imh05Match-
Node
lenovoideacentre_mini_5_01iaq7_firmwareRange<o53kt10a
AND
lenovoideacentre_mini_5_01iaq7Match-
Node
lenovoideacentre_gaming_5-14iob6_firmwareRange<m3gkt3da
AND
lenovoideacentre_gaming_5-14iob6Match-
Node
lenovoideacentre_gaming_5-14acn6_firmwareMatch-
AND
lenovoideacentre_gaming_5-14acn6Match-
Node
lenovoideacentre_gaming_5_17iab7_firmwareRange<m42kt46a
AND
lenovoideacentre_gaming_5_17iab7Match-
Node
lenovoideacentre_gaming_5_17acn7_firmwareMatch-
AND
lenovoideacentre_gaming_5_17acn7Match-
Node
lenovoideacentre_g5-14imb05_firmwareRange<o4hkt3ca
AND
lenovoideacentre_g5-14imb05Match-
Node
lenovoideacentre_g5-14amr05_firmwareRange<o4zkt2ba
AND
lenovoideacentre_g5-14amr05Match-
Node
lenovoideacentre_creator_5-14iob6_firmwareRange<m3gkt3da
AND
lenovoideacentre_creator_5-14iob6Match-
Node
lenovoideacentre_aio_5_27iah7_firmwareRange<o5rkt41a
AND
lenovoideacentre_aio_5_27iah7Match-
Node
lenovoideacentre_aio_5_24iah7_firmwareRange<o5rkt41a
AND
lenovoideacentre_aio_5_24iah7Match-
Node
lenovoideacentre_aio_3-27itl6_firmwareRange<o5akt34a
AND
lenovoideacentre_aio_3-27itl6Match-
Node
lenovoideacentre_aio_3-27imb05_firmwareRange<o4rkt31a
AND
lenovoideacentre_aio_3-27imb05Match-
Node
lenovoideacentre_aio_3-24itl6_firmwareRange<o5akt34a
AND
lenovoideacentre_aio_3-24itl6Match-
Node
lenovoideacentre_aio_3-24imb05_firmwareRange<o4rkt31a
AND
lenovoideacentre_aio_3-24imb05Match-
Node
lenovoideacentre_aio_3-24iil5_firmwareRange<o56kt24a
AND
lenovoideacentre_aio_3-24iil5Match-
Node
lenovoideacentre_aio_3-24alc6_firmwareRange<o5bkt25a
AND
lenovoideacentre_aio_3-24alc6Match-
Node
lenovoideacentre_aio_3-22itl6_firmwareRange<o5akt34a
AND
lenovoideacentre_aio_3-22itl6Match-
Node
lenovoideacentre_aio_3-22imb05_firmwareRange<o4rkt31a
AND
lenovoideacentre_aio_3-22imb05Match-
Node
lenovoideacentre_aio_3-22iil5_firmwareRange<o56kt24a
AND
lenovoideacentre_aio_3-22iil5Match-
Node
lenovoideacentre_aio_3_27iap7_firmwareRange<o5nkt33a
AND
lenovoideacentre_aio_3_27iap7Match-
Node
lenovoideacentre_aio_3_24iap7_firmwareRange<o5nkt33a
AND
lenovoideacentre_aio_3_24iap7Match-
Node
lenovoideacentre_aio_3_22iap7_firmwareRange<o5nkt33a
AND
lenovoideacentre_aio_3_22iap7Match-
Node
lenovoideacentre_aio_3_21itl7_firmwareRange<o5akt34a
AND
lenovoideacentre_aio_3_21itl7Match-
Node
lenovoideacentre_5-14iob6_firmwareRange<m3gkt3da
AND
lenovoideacentre_5-14iob6Match-
Node
lenovoideacentre_5-14imb05_firmwareRange<o4hkt3ca
AND
lenovoideacentre_5-14imb05Match-
Node
lenovov30a-22iml_firmwareRange<m37kt31a
AND
lenovov30a-22imlMatch-
Node
lenovov30a-22itl_firmwareRange<o5akt34a
AND
lenovov30a-22itlMatch-
Node
lenovov30a-24iml_firmwareRange<m37kt31a
AND
lenovov30a-24imlMatch-
Node
lenovov30a-24itl_firmwareRange<o5akt34a
AND
lenovov30a-24itlMatch-
Node
lenovov50a-22imb_firmwareRange<m36kt32a
AND
lenovov50a-22imbMatch-
Node
lenovov50a-24imb_firmwareRange<m36kt32a
AND
lenovov50a-24imbMatch-
Node
lenovov50s-07imb_firmwareRange<m2vkt21a
AND
lenovov50s-07imbMatch-
Node
lenovov50t-13imb_firmwareRange<o4hkt3ca
AND
lenovov50t-13imbMatch-
Node
lenovov50t-13imh_firmwareRange<m4pkt16a
AND
lenovov50t-13imhMatch-
Node
lenovov50t-13iob_firmwareRange<m3gkt3da
AND
lenovov50t-13iobMatch-
Node
lenovov55t_gen_2_13acn_firmwareRange<o5jkt2ca
AND
lenovov55t_gen_2_13acnMatch-
Node
lenovoyoga_aio_7_27arh7_firmwareMatch-
AND
lenovoyoga_aio_7_27arh7Match-
Node
lenovoyoga_aio_7-27arh6_firmwareMatch-
AND
lenovoyoga_aio_7-27arh6Match-
Node
lenovothinkedge_se30_firmwareMatch-
AND
lenovothinkedge_se30Match-
Node
lenovothinkstation_p920_workstation_firmwareMatch-
AND
lenovothinkstation_p920_workstationMatch-
Node
lenovothinkstation_p720_workstation_firmwareMatch-
AND
lenovothinkstation_p720_workstationMatch-
Node
lenovothinkstation_p520c_workstation_firmwareMatch-
AND
lenovothinkstation_p520c_workstationMatch-
Node
lenovothinkstation_p520_workstation_firmwareMatch-
AND
lenovothinkstation_p520_workstationMatch-
Node
lenovothinkstation_p360_workstation_firmwareMatch-
AND
lenovothinkstation_p360_workstationMatch-
Node
lenovothinkstation_p360_workstation_firmwareRange<s0ekt45a
AND
lenovothinkstation_p360_workstationMatch-
Node
lenovothinkstation_p360_ultra_workstation_firmwareMatch-
AND
lenovothinkstation_p360_ultra_workstationMatch-
Node
lenovothinkstation_p360_tiny_workstation_firmwareMatch-
AND
lenovothinkstation_p360_tiny_workstationMatch-
Node
lenovothinkstation_p358_workstation_firmwareRange<s0hkt23a
AND
lenovothinkstation_p358_workstationMatch-
Node
lenovothinkstation_p350_workstation_firmwareMatch-
AND
lenovothinkstation_p350_workstationMatch-
Node
lenovothinkstation_p350_tiny_workstation_firmwareMatch-
AND
lenovothinkstation_p350_tiny_workstationMatch-
Node
lenovothinkstation_p348_workstation_firmwareMatch-
AND
lenovothinkstation_p348_workstationMatch-
Node
lenovothinkstation_p340_workstation_firmwareRange<s08kt55a
AND
lenovothinkstation_p340_workstationMatch-
Node
lenovothinkstation_p340_tiny_workstation_firmwareMatch-
AND
lenovothinkstation_p340_tiny_workstationMatch-
Node
lenovothinkstation_p330_workstation_2nd_gen_firmwareRange<m1vkt73a
AND
lenovothinkstation_p330_workstation_2nd_genMatch-
Node
lenovothinkstation_p330_workstation_firmwareRange<m1vkt73a
AND
lenovothinkstation_p330_workstationMatch-
Node
lenovothinkstation_p320_workstation_firmwareMatch-
AND
lenovothinkstation_p320_workstationMatch-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Desktop BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

Related

prion 1
nvd 1
cvelist 1
prion
prion
Code injection
2023-11-08 22:15:00
nvd
nvd
CVE-2023-43570
2023-11-08 22:15:10
cvelist
cvelist
CVE-2023-43570
2023-11-08 22:07:32

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2023-43570
prion1nvd1cvelist1