CVE-2023-2290

Description

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.

Related CPE's

olenovothinkpad_e14_firmware1.23*******

hlenovothinkpad_e14-*******

olenovothinkpad_e14_gen_2_firmware1.55*******

hlenovothinkpad_e14_gen_2-*******

olenovothinkpad_e14_gen_4_firmware1.18*******

hlenovothinkpad_e14_gen_4-*******

olenovothinkpad_e14_gen_4_firmware1.16*******

hlenovothinkpad_e14_gen_4-*******

olenovothinkpad_e15_firmware1.23*******

hlenovothinkpad_e15-*******

References

https://support.lenovo.com/us/en/product_security/LEN-106014

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io