Description

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.

Related CPE's

o

lenovo

ideacentre_c5-14imb05_firmware

Vulnerable

h

lenovo

ideacentre_c5-14imb05

-

o

lenovo

thinkcentre_e96z_firmware

Vulnerable

h

lenovo

thinkcentre_e96z

-

o

lenovo

ideacentre_3_07iab7_firmware

Vulnerable

h

lenovo

ideacentre_3_07iab7

-

o

lenovo

ideacentre_3-07imb05_firmware

Vulnerable

h

lenovo

ideacentre_3-07imb05

-

o

lenovo

ideacentre_5_14iab7_firmware

Vulnerable

h

lenovo

ideacentre_5_14iab7

-

o

lenovo

ideacentre_5-14acn6_firmware

Vulnerable

h

lenovo

ideacentre_5-14acn6

-

o

lenovo

ideacentre_5-14imb05_firmware

Vulnerable

h

lenovo

ideacentre_5-14imb05

-

o

lenovo

ideacentre_5-14iob6_firmware

Vulnerable

h

lenovo

ideacentre_5-14iob6

-

o

lenovo

ideacentre_creator_5-14iob6_firmware

Vulnerable

h

lenovo

ideacentre_creator_5-14iob6

-

o

lenovo

ideacentre_g5-14imb05_firmware

Vulnerable

h

lenovo

ideacentre_g5-14imb05

-

o

lenovo

ideacentre_gaming_5_17acn7_firmware

Vulnerable

h

lenovo

ideacentre_gaming_5_17acn7

-

o

lenovo

ideacentre_gaming_5_17iab7_firmware

Vulnerable

h

lenovo

ideacentre_gaming_5_17iab7

-

o

lenovo

ideacentre_gaming_5-14acn6_firmware

Vulnerable

h

lenovo

ideacentre_gaming_5-14acn6

-

o

lenovo

ideacentre_gaming_5-14iob6_firmware

Vulnerable

h

lenovo

ideacentre_gaming_5-14iob6

-

o

lenovo

legion_c530-19icb_firmware

Vulnerable

h

lenovo

legion_c530-19icb

-

o

lenovo

legion_t5-26iob6_firmware

Vulnerable

h

lenovo

legion_t5-26iob6

-

o

lenovo

legion_t5-28icb05_firmware

Vulnerable

h

lenovo

legion_t5-28icb05

-

o

lenovo

legion_t530-28apr_firmware

Vulnerable

h

lenovo

legion_t530-28apr

-

o

lenovo

legion_t530-28icb_firmware

Vulnerable

h

lenovo

legion_t530-28icb

-

o

lenovo

legion_t7-34imz5_firmware

Vulnerable

h

lenovo

legion_t7-34imz5

-

o

lenovo

thinkcentre_m60e_tiny_firmware

Vulnerable

h

lenovo

thinkcentre_m60e_tiny

-

o

lenovo

thinkcentre_m625q_firmware

Vulnerable

h

lenovo

thinkcentre_m625q

-

o

lenovo

thinkcentre_m630e_firmware

Vulnerable

h

lenovo

thinkcentre_m630e

-

o

lenovo

thinkcentre_m70a_firmware

Vulnerable

h

lenovo

thinkcentre_m70a

-

o

lenovo

thinkcentre_m70a_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m70a_gen_2

-

o

lenovo

thinkcentre_m70c_firmware

Vulnerable

h

lenovo

thinkcentre_m70c

-

o

lenovo

thinkcentre_m70q_firmware

Vulnerable

h

lenovo

thinkcentre_m70q

-

o

lenovo

thinkcentre_m70q_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m70q_gen_2

-

o

lenovo

thinkcentre_m70q_gen_3_firmware

Vulnerable

h

lenovo

thinkcentre_m70q_gen_3

-

o

lenovo

thinkcentre_m70s_gen_3_firmware

Vulnerable

h

lenovo

thinkcentre_m70s_gen_3

-

o

lenovo

thinkcentre_m70t_gen_3_firmware

Vulnerable

h

lenovo

thinkcentre_m70t_gen_3

-

o

lenovo

thinkcentre_m710e_firmware

Vulnerable

h

lenovo

thinkcentre_m710e

-

o

lenovo

thinkcentre_m710q_firmware

Vulnerable

h

lenovo

thinkcentre_m710q

-

o

lenovo

thinkcentre_m710s_firmware

Vulnerable

h

lenovo

thinkcentre_m710s

-

o

lenovo

thinkcentre_m710t_firmware

Vulnerable

h

lenovo

thinkcentre_m710t

-

o

lenovo

thinkcentre_m715q_firmware

Vulnerable

h

lenovo

thinkcentre_m715q

-

o

lenovo

thinkcentre_m715t_firmware

Vulnerable

h

lenovo

thinkcentre_m715t

-

o

lenovo

thinkcentre_m720e_firmware

Vulnerable

h

lenovo

thinkcentre_m720e

-

o

lenovo

thinkcentre_m720q_firmware

Vulnerable

h

lenovo

thinkcentre_m720q

-

o

lenovo

thinkcentre_m720s_firmware

Vulnerable

h

lenovo

thinkcentre_m720s

-

o

lenovo

thinkcentre_m720t_firmware

Vulnerable

h

lenovo

thinkcentre_m720t

-

o

lenovo

thinkcentre_m725s_firmware

Vulnerable

h

lenovo

thinkcentre_m725s

-

o

lenovo

thinkcentre_m75n_firmware

Vulnerable

h

lenovo

thinkcentre_m75n

-

o

lenovo

thinkcentre_m75q_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m75q_gen_2

-

o

lenovo

thinkcentre_m75q-1_firmware

Vulnerable

h

lenovo

thinkcentre_m75q-1

-

o

lenovo

thinkcentre_m75s_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m75s_gen_2

-

o

lenovo

thinkcentre_m75s-1_firmware

Vulnerable

h

lenovo

thinkcentre_m75s-1

-

o

lenovo

thinkcentre_m75t_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m75t_gen_2

-

o

lenovo

thinkcentre_m80q_firmware

Vulnerable

h

lenovo

thinkcentre_m80q

-

o

lenovo

thinkcentre_m810z_firmware

Vulnerable

h

lenovo

thinkcentre_m810z

-

o

lenovo

thinkcentre_m818z_firmware

Vulnerable

h

lenovo

thinkcentre_m818z

-

o

lenovo

thinkcentre_m820z_firmware

Vulnerable

h

lenovo

thinkcentre_m820z

-

o

lenovo

thinkcentre_m90a_firmware

Vulnerable

h

lenovo

thinkcentre_m90a

-

o

lenovo

thinkcentre_m90a_gen2_firmware

Vulnerable

h

lenovo

thinkcentre_m90a_gen2

-

o

lenovo

thinkcentre_m90q_gen_2_firmware

Vulnerable

h

lenovo

thinkcentre_m90q_gen_2

-

o

lenovo

thinkcentre_m90q_tiny_firmware

Vulnerable

h

lenovo

thinkcentre_m90q_tiny

-

o

lenovo

thinkcentre_m910q_firmware

Vulnerable

h

lenovo

thinkcentre_m910q

-

o

lenovo

thinkcentre_m910s_firmware

Vulnerable

h

lenovo

thinkcentre_m910s

-

o

lenovo

thinkcentre_m910t_firmware

Vulnerable

h

lenovo

thinkcentre_m910t

-

o

lenovo

thinkcentre_m910x_firmware

Vulnerable

h

lenovo

thinkcentre_m910x

-

o

lenovo

thinkcentre_m920q_firmware

Vulnerable

h

lenovo

thinkcentre_m920q

-

o

lenovo

thinkcentre_m920s_firmware

Vulnerable

h

lenovo

thinkcentre_m920s

-

o

lenovo

thinkcentre_m920t_firmware

Vulnerable

h

lenovo

thinkcentre_m920t

-

o

lenovo

thinkcentre_m920x_firmware

Vulnerable

h

lenovo

thinkcentre_m920x

-

o

lenovo

thinkcentre_neo_50s_gen_3_firmware

Vulnerable

h

lenovo

thinkcentre_neo_50s_gen_3

-

o

lenovo

thinkcentre_neo_50t_gen_3_firmware

Vulnerable

h

lenovo

thinkcentre_neo_50t_gen_3

-

o

lenovo

qitian_a815_firmware

Vulnerable

h

lenovo

qitian_a815

-

o

lenovo

qt_m410_firmware

Vulnerable

h

lenovo

qt_m410

-

o

lenovo

qt_b415_firmware

Vulnerable

h

lenovo

qt_b415

-

o

lenovo

qt_m415_firmware

Vulnerable

h

lenovo

qt_m415

-

o

lenovo

ideacentre_t540-15ama_g_firmware

Vulnerable

h

lenovo

ideacentre_t540-15ama_g

-

o

lenovo

ideacentre_t540-15ick_firmware

Vulnerable

h

lenovo

ideacentre_t540-15ick

-

o

lenovo

thinkcentre_e75_t\/s_firmware

Vulnerable

h

lenovo

thinkcentre_e75_t\/s

-

o

lenovo

thinkcentre_m610_firmware

Vulnerable

h

lenovo

thinkcentre_m610

-

o

lenovo

thinkcentre_m6600q_firmware

Vulnerable

h

lenovo

thinkcentre_m6600q

-

o

lenovo

thinkcentre_m6600t_firmware

Vulnerable

h

lenovo

thinkcentre_m6600t

-

o

lenovo

thinkcentre_m6600s_firmware

Vulnerable

h

lenovo

thinkcentre_m6600s

-

o

lenovo

ideacentre_3-07ada05_firmware

Vulnerable

h

lenovo

ideacentre_3-07ada05

-

o

lenovo

ideacentre_5-14are05_firmware

Vulnerable

h

lenovo

ideacentre_5-14are05

-

o

lenovo

ideacentre_g5-14amr05_firmware

Vulnerable

h

lenovo

ideacentre_g5-14amr05

-

o

lenovo

ideacentre_510-15ick_firmware

Vulnerable

h

lenovo

ideacentre_510-15ick

-

o

lenovo

ideacentre_510a-15arr_firmware

Vulnerable

h

lenovo

ideacentre_510a-15arr

-

o

lenovo

ideacentre_510a-15ick_firmware

Vulnerable

h

lenovo

ideacentre_510a-15ick

-

o

lenovo

ideacentre_510s-07icb_firmware

Vulnerable

h

lenovo

ideacentre_510s-07icb

-

o

lenovo

ideacentre_510s-07ick_firmware

Vulnerable

h

lenovo

ideacentre_510s-07ick

-

o

lenovo

ideacentre_720-18apr_firmware

Vulnerable

h

lenovo

ideacentre_720-18apr

-

o

lenovo

ideacentre_a340-22igm_firmware

Vulnerable

h

lenovo

ideacentre_a340-22igm

-

o

lenovo

ideacentre_a340-24igm_firmware

Vulnerable

h

lenovo

ideacentre_a340-24igm

-

o

lenovo

v30a-22iml_firmware

Vulnerable

h

lenovo

v30a-22iml

-

o

lenovo

v30a-24iml_firmware

Vulnerable

h

lenovo

v30a-24iml

-

o

lenovo

v330-20icb_firmware

Vulnerable

h

lenovo

v330-20icb

-

o

lenovo

v35s-07ada_firmware

Vulnerable

h

lenovo

v35s-07ada

-

o

lenovo

v50a-22imb_firmware

Vulnerable

h

lenovo

v50a-22imb

-

o

lenovo

v50a-24imb_firmware

Vulnerable

h

lenovo

v50a-24imb

-

o

lenovo

v50s-07imb_firmware

Vulnerable

h

lenovo

v50s-07imb

-

o

lenovo

v50t-13imb_firmware

Vulnerable

h

lenovo

v50t-13imb

-

o

lenovo

v50t-13iob_g2_firmware

Vulnerable

h

lenovo

v50t-13iob_g2

-

o

lenovo

v520_firmware

Vulnerable

h

lenovo

v520

-

o

lenovo

v520s_firmware

Vulnerable

h

lenovo

v520s

-

o

lenovo

v530-15arr_firmware

Vulnerable

h

lenovo

v530-15arr

-

o

lenovo

v530-15icb_firmware

2

h

lenovo

v530-15icb

2

o

lenovo

v530-15icr_firmware

Vulnerable

h

lenovo

v530-15icr

-

o

lenovo

v530-22icb_firmware

Vulnerable

h

lenovo

v530-22icb

-

o

lenovo

v530-24icb_firmware

Vulnerable

h

lenovo

v530-24icb

-

o

lenovo

v530s-07icb_firmware

Vulnerable

h

lenovo

v530s-07icb

-

o

lenovo

v530s-07icr_firmware

Vulnerable

h

lenovo

v530s-07icr

-

o

lenovo

v540-24iwl_firmware

Vulnerable

h

lenovo

v540-24iwl

-

o

lenovo

v55t_gen_2_13acn_firmware

Vulnerable

h

lenovo

v55t_gen_2_13acn

-

o

lenovo

v55t-15api_firmware

Vulnerable

h

lenovo

v55t-15api

-

o

lenovo

v55t-15are_firmware

Vulnerable

h

lenovo

v55t-15are

-

o

lenovo

yangtian_afq150_firmware

Vulnerable

h

lenovo

yangtian_afq150

-

o

lenovo

yta8900f_firmware

Vulnerable

h

lenovo

yta8900f

-

o

lenovo

yoga_a940-27icb_firmware

Vulnerable

h

lenovo

yoga_a940-27icb

-

o

lenovo

thinkedge_se30_firmware

Vulnerable

h

lenovo

thinkedge_se30

-

lenovo

thinksmart_core_\&_controller_full_room_kit\

_microsoft_teams_rooms_firmware

-

Vulnerable

lenovo

thinksmart_core_\&_controller_full_room_kit\

_microsoft_teams_rooms

-

lenovo

thinksmart_core_\&_controller_full_room_kit\

_zoom_rooms_firmware

-

Vulnerable

lenovo

thinksmart_core_\&_controller_full_room_kit\

_zoom_rooms

-

lenovo

thinksmart_core_\&_controller_kit\

_microsoft_teams_rooms_firmware

-

Vulnerable

lenovo

thinksmart_core_\&_controller_kit\

_microsoft_teams_rooms

-

lenovo

thinksmart_core_\&_controller_kit\

_zoom_rooms_firmware

-

Vulnerable

lenovo

thinksmart_core_\&_controller_kit\

_zoom_rooms

-

o

lenovo

thinksmart_core_device_for_logitech_firmware

-

Vulnerable

h

lenovo

thinksmart_core_device_for_logitech

-

o

lenovo

thinksmart_core_device_for_poly_firmware

-

Vulnerable

h

lenovo

thinksmart_core_device_for_poly

-

lenovo

thinksmart_core_device\

_zoom_rooms_firmware

-

Vulnerable

lenovo

thinksmart_core_device\

_zoom_rooms

-

o

lenovo

thinksmart_hub_teams_firmware

Vulnerable

h

lenovo

thinksmart_hub_teams

-

o

lenovo

thinksmart_hub_zoom_firmware

Vulnerable

h

lenovo

thinksmart_hub_zoom

-

o

lenovo

thinkstation_p310_firmware

Vulnerable

h

lenovo

thinkstation_p310

-

o

lenovo

thinkstation_p320_tiny_firmware

Vulnerable

h

lenovo

thinkstation_p320_tiny

-

o

lenovo

thinkstation_p330_tiny_firmware

Vulnerable

h

lenovo

thinkstation_p330_tiny

-

o

lenovo

thinkstation_p340_tiny_firmware

Vulnerable

h

lenovo

thinkstation_p340_tiny

-

o

lenovo

thinkstation_p340_firmware

Vulnerable

h

lenovo

thinkstation_p340

-

o

lenovo

thinkstation_p348_firmware

Vulnerable

h

lenovo

thinkstation_p348

-

o

lenovo

thinkstation_p350_tiny_firmware

Vulnerable

h

lenovo

thinkstation_p350_tiny

-

o

lenovo

thinkstation_p350_firmware

Vulnerable

h

lenovo

thinkstation_p350

-

o

lenovo

thinkstation_p520_firmware

Vulnerable

h

lenovo

thinkstation_p520

-

o

lenovo

thinkstation_p520c_firmware

Vulnerable

h

lenovo

thinkstation_p520c

-

o

lenovo

thinkstation_p620_firmware

Vulnerable

h

lenovo

thinkstation_p620

-

o

lenovo

stadia_ggp-120_firmware

Vulnerable

h

lenovo

stadia_ggp-120

-

o

lenovo

thinkstation_p318_firmware

Vulnerable

h

lenovo

thinkstation_p318

-

o

lenovo

thinksystem_st50_firmware

Vulnerable

h

lenovo

thinksystem_st50

-

o

lenovo

thinksystem_st58_firmware

Vulnerable

h

lenovo

thinksystem_st58

-

References

https://support.lenovo.com/us/en/product_security/LEN-94953

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-125

[email protected]

Secondary
CWE-125

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.4 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2023-01-30T22:15:12.257

2 years ago

Last modified

2023-02-14T14:28:34.773

2 years ago