CVE-2022-3430

Description

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Related CPE's

olenovod330-10igl_firmware********

hlenovod330-10igl-*******

olenovoideapad_5_pro_16iah7_firmware********

hlenovoideapad_5_pro_16iah7-*******

olenovoideapad_5_pro_16arh7_firmware********

hlenovoideapad_5_pro_16arh7-*******

olenovoideapad_duet_3_10igl5_firmware********

hlenovoideapad_duet_3_10igl5-*******

olenovoslim_7_16arh7_firmware********

hlenovoslim_7_16arh7-*******

References

https://support.lenovo.com/us/en/product_security/LEN-94952

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io