National Cyber Warfare Foundation (NCWF) Forums


CVE-2022-48189 (thinkpad_e14_firmware, thinkpad_e14_gen_2_firmware, thinkpad_e14_gen_4_firmware, thinkpad_e15_firmware, thinkpad_e15_gen_2_firmware, t


0 user ratings
2023-11-03 18:11:10
milo
CVEs

 - archive -- 
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.

CVE-2022-48189 (thinkpad_e14_firmware, thinkpad_e14_gen_2_firmware, thinkpad_e14_gen_4_firmware, thinkpad_e15_firmware, thinkpad_e15_gen_2_firmware, thinkpad_e15_gen_4_firmware, thinkpad_e490_firmware, thinkpad_e490s_firmware, thinkpad_e590_firmware, thinkpad_l13_gen_3_firmware, thinkpad_l13_yoga_gen_3_firmware, thinkpad_l14_firmware, thinkpad_l15_firmware, thinkpad_l15_gen_2_firmware, thinkpad_l15_gen_3_firmware, thinkpad_l490_firmware, thinkpad_l590_firmware, thinkpad_p1_gen_2_firmware, thinkpad_p1_gen_3_firmware, thinkpad_p1_gen_4_firmware, thinkpad_p1_gen_5_firmware, thinkpad_p14s_gen_1_firmware, thinkpad_p14s_gen_2_firmware, thinkpad_p14s_gen_3_firmware, thinkpad_p15_gen_1_firmware, thinkpad_p15_gen_2_firmware, thinkpad_p15s_gen_1_firmware, thinkpad_p15s_gen_2_firmware, thinkpad_p15v_gen_1_firmware, thinkpad_p15v_gen_2_firmware, thinkpad_p15v_gen_3_firmware, thinkpad_p16_gen_1_firmware, thinkpad_p16s_gen_1_firmware, thinkpad_p17_gen_1_firmware, thinkpad_p17_gen_2_firmware, thinkpad_p43s_firmware, thinkpad_p53_firmware, thinkpad_p53s_firmware, thinkpad_p73_firmware, thinkpad_t14_gen_1_firmware, thinkpad_t14_gen_2_firmware, thinkpad_t14_gen_3_firmware, thinkpad_t14s_firmware, thinkpad_t14s_gen_2_firmware, thinkpad_t14s_gen_3_firmware, thinkpad_t15_firmware, thinkpad_t15_gen_2_firmware, thinkpad_t15g_gen_1_firmware, thinkpad_t15g_gen_2_firmware, thinkpad_t15p_gen_1_firmware, thinkpad_t15p_gen_2_firmware, thinkpad_t15p_gen_3_firmware, thinkpad_t16_gen_1_firmware, thinkpad_t490_firmware, thinkpad_t490s_firmware, thinkpad_t590_firmware, thinkpad_thinkpad_r14_gen_2_firmware, thinkpad_thinkpad_r14_gen_4_firmware, thinkpad_thinkpad_s3_2nd_gen_firmware, thinkpad_x1_carbon_10th_gen_firmware, thinkpad_x1_carbon_7th_gen_firmware, thinkpad_x1_carbon_8th_gen_firmware, thinkpad_x1_carbon_9th_gen_firmware, thinkpad_x1_extreme_2nd_gen_firmware, thinkpad_x1_extreme_3rd_gen_firmware, thinkpad_x1_extreme_4th_gen_firmware, thinkpad_x1_extreme_gen_5_firmware, thinkpad_x1_nano_gen_1_firmware, thinkpad_x1_nano_gen_2_firmware, thinkpad_x1_titanium_firmware, thinkpad_x1_yoga_4th_gen_firmware, thinkpad_x1_yoga_5th_gen_firmware, thinkpad_x1_yoga_6th_gen_firmware, thinkpad_x1_yoga_7th_gen_firmware, thinkpad_x12_detachable_gen_1_firmware, thinkpad_x13_firmware, thinkpad_x13_gen_2_firmware, thinkpad_x13_gen_3_firmware, thinkpad_x13_yoga_gen_1_firmware, thinkpad_x13_yoga_gen_2_firmware, thinkpad_x13_yoga_gen_3_firmware, thinkpad_x390_firmware, thinkpad_x390_yoga_firmware, thinkpad_z13_gen_1_firmware, thinkpad_z16_gen_1_firmware)
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48189
An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.
2023-10-30T15:15:39Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48189


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
CVEs



Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.