Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-8222

A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 4.4, requiring local system access to exploit with relatively low complexity without requiring user interaction . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 148 products from lenovo, from lenovo, from lenovo and 145 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2016, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2016-11-30T15:59:00.173

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 4.4 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.4

Impact Score

6.9

Weaknesses

Type: Primary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	lenovo	thinkpad_10_ella_2_bios	-	Yes
Operating System	lenovo	thinkpad_11e_beema_bios	-	Yes
Operating System	lenovo	thinkpad_11e_braswell_bios	-	Yes
Operating System	lenovo	thinkpad_11e_broadwell_bios	-	Yes
Operating System	lenovo	thinkpad_11e_skylake_bios	-	Yes
Operating System	lenovo	thinkpad_13e_bios	-	Yes
Operating System	lenovo	thinkpad_e450_bios	-	Yes
Operating System	lenovo	thinkpad_e450c_bios	-	Yes
Operating System	lenovo	thinkpad_e455_bios	-	Yes
Operating System	lenovo	thinkpad_e460_bios	-	Yes
Operating System	lenovo	thinkpad_e465_bios	-	Yes
Operating System	lenovo	thinkpad_e550_bios	-	Yes
Operating System	lenovo	thinkpad_e550c_bios	-	Yes
Operating System	lenovo	thinkpad_e555_bios	-	Yes
Operating System	lenovo	thinkpad_e560_bios	-	Yes
Operating System	lenovo	thinkpad_e565_bios	-	Yes
Operating System	lenovo	thinkpad_edge_e440_bios	-	Yes
Operating System	lenovo	thinkpad_edge_e445_bios	-	Yes
Operating System	lenovo	thinkpad_edge_e540_bios	-	Yes
Operating System	lenovo	thinkpad_edge_e545_bios	-	Yes
Operating System	lenovo	thinkpad_helix_20cg_bios	-	Yes
Operating System	lenovo	thinkpad_helix_20ch_bios	-	Yes
Operating System	lenovo	thinkpad_l440_bios	-	Yes
Operating System	lenovo	thinkpad_l450_bios	-	Yes
Operating System	lenovo	thinkpad_l460_bios	-	Yes
Operating System	lenovo	thinkpad_l540_bios	-	Yes
Operating System	lenovo	thinkpad_l560_bios	-	Yes
Operating System	lenovo	thinkpad_p50_bios	-	Yes
Operating System	lenovo	thinkpad_p50s_bios	-	Yes
Operating System	lenovo	thinkpad_p70_bios	-	Yes
Operating System	lenovo	thinkpad_s1_yoga_12_bios	-	Yes
Operating System	lenovo	thinkpad_s1_yoga_non_vpro_bios	-	Yes
Operating System	lenovo	thinkpad_s1_yoga_vpro_bios	-	Yes
Operating System	lenovo	thinkpad_s3_s440_bios	-	Yes
Operating System	lenovo	thinkpad_s3_yoga_14_bios	-	Yes
Operating System	lenovo	thinkpad_s5_e560p_bios	-	Yes
Operating System	lenovo	thinkpad_s5_yoga_15_bios	-	Yes
Operating System	lenovo	thinkpad_s540_bios	-	Yes
Operating System	lenovo	thinkpad_t440_bios	-	Yes
Operating System	lenovo	thinkpad_t440p_bios	-	Yes
Operating System	lenovo	thinkpad_t440s_bios	-	Yes
Operating System	lenovo	thinkpad_t440u_bios	-	Yes
Operating System	lenovo	thinkpad_t450_bios	-	Yes
Operating System	lenovo	thinkpad_t450s_bios	-	Yes
Operating System	lenovo	thinkpad_t460_bios	-	Yes
Operating System	lenovo	thinkpad_t460p_bios	-	Yes
Operating System	lenovo	thinkpad_t460s_bios	-	Yes
Operating System	lenovo	thinkpad_t540_bios	-	Yes
Operating System	lenovo	thinkpad_t540p_bios	-	Yes
Operating System	lenovo	thinkpad_t550_bios	-	Yes
Operating System	lenovo	thinkpad_t560_bios	-	Yes
Operating System	lenovo	thinkpad_tablet_10_bios	-	Yes
Operating System	lenovo	thinkpad_tablet_8_bios	-	Yes
Operating System	lenovo	thinkpad_w540_bios	-	Yes
Operating System	lenovo	thinkpad_w541_bios	-	Yes
Operating System	lenovo	thinkpad_w550s_bios	-	Yes
Operating System	lenovo	thinkpad_x1_carbon_20ax_bios	-	Yes
Operating System	lenovo	thinkpad_x1_carbon_20bx_bios	-	Yes
Operating System	lenovo	thinkpad_x1_carbon_bios	-	Yes
Operating System	lenovo	thinkpad_x1_tablet_bios	-	Yes
Operating System	lenovo	thinkpad_x1_yoga_bios	-	Yes
Operating System	lenovo	thinkpad_x140e_amd_bios	-	Yes
Operating System	lenovo	thinkpad_x240_bios	-	Yes
Operating System	lenovo	thinkpad_x240s_bios	-	Yes
Operating System	lenovo	thinkpad_x250_broadwell_bios	-	Yes
Operating System	lenovo	thinkpad_x250_sharkbay_bios	-	Yes
Operating System	lenovo	thinkpad_x260_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_11e_beema_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_11e_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_11e_braswell_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_11e_broadwell_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_11e_skylake_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_14_460_s3_bios	-	Yes
Operating System	lenovo	thinkpad_yoga_260_s1_bios	-	Yes
Hardware	lenovo	thinkpad_10_ella_2	-	No
Hardware	lenovo	thinkpad_11e_beema	-	No
Hardware	lenovo	thinkpad_11e_braswell	-	No
Hardware	lenovo	thinkpad_11e_broadwell	-	No
Hardware	lenovo	thinkpad_11e_skylake	-	No
Hardware	lenovo	thinkpad_13e	-	No
Hardware	lenovo	thinkpad_e450	-	No
Hardware	lenovo	thinkpad_e450c	-	No
Hardware	lenovo	thinkpad_e455	-	No
Hardware	lenovo	thinkpad_e460	-	No
Hardware	lenovo	thinkpad_e465	-	No
Hardware	lenovo	thinkpad_e550	-	No
Hardware	lenovo	thinkpad_e550c	-	No
Hardware	lenovo	thinkpad_e555	-	No
Hardware	lenovo	thinkpad_e560	-	No
Hardware	lenovo	thinkpad_e565	-	No
Hardware	lenovo	thinkpad_edge_e440	-	No
Hardware	lenovo	thinkpad_edge_e445	-	No
Hardware	lenovo	thinkpad_edge_e540	-	No
Hardware	lenovo	thinkpad_edge_e545	-	No
Hardware	lenovo	thinkpad_helix_20cg	-	No
Hardware	lenovo	thinkpad_helix_20ch	-	No
Hardware	lenovo	thinkpad_l440	-	No
Hardware	lenovo	thinkpad_l450	-	No
Hardware	lenovo	thinkpad_l460	-	No
Hardware	lenovo	thinkpad_l540	-	No
Hardware	lenovo	thinkpad_l560	-	No
Hardware	lenovo	thinkpad_p50	-	No
Hardware	lenovo	thinkpad_p50s	-	No
Hardware	lenovo	thinkpad_p70	-	No
Hardware	lenovo	thinkpad_s1_yoga_12	-	No
Hardware	lenovo	thinkpad_s1_yoga_non_vpro	-	No
Hardware	lenovo	thinkpad_s1_yoga_vpro	-	No
Hardware	lenovo	thinkpad_s3_s440	-	No
Hardware	lenovo	thinkpad_s3_yoga_14	-	No
Hardware	lenovo	thinkpad_s5_e560p	-	No
Hardware	lenovo	thinkpad_s5_yoga_15	-	No
Hardware	lenovo	thinkpad_s540	-	No
Hardware	lenovo	thinkpad_t440	-	No
Hardware	lenovo	thinkpad_t440p	-	No
Hardware	lenovo	thinkpad_t440s	-	No
Hardware	lenovo	thinkpad_t440u	-	No
Hardware	lenovo	thinkpad_t450	-	No
Hardware	lenovo	thinkpad_t450s	-	No
Hardware	lenovo	thinkpad_t460	-	No
Hardware	lenovo	thinkpad_t460p	-	No
Hardware	lenovo	thinkpad_t460s	-	No
Hardware	lenovo	thinkpad_t540	-	No
Hardware	lenovo	thinkpad_t540p	-	No
Hardware	lenovo	thinkpad_t550	-	No
Hardware	lenovo	thinkpad_t560	-	No
Hardware	lenovo	thinkpad_tablet_10	-	No
Hardware	lenovo	thinkpad_tablet_8	-	No
Hardware	lenovo	thinkpad_w540	-	No
Hardware	lenovo	thinkpad_w541	-	No
Hardware	lenovo	thinkpad_w550s	-	No
Hardware	lenovo	thinkpad_x1_carbon	-	No
Hardware	lenovo	thinkpad_x1_carbon_20ax	-	No
Hardware	lenovo	thinkpad_x1_carbon_20bx	-	No
Hardware	lenovo	thinkpad_x1_tablet	-	No
Hardware	lenovo	thinkpad_x1_yoga	-	No
Hardware	lenovo	thinkpad_x140e_amd	-	No
Hardware	lenovo	thinkpad_x240	-	No
Hardware	lenovo	thinkpad_x240s	-	No
Hardware	lenovo	thinkpad_x250_broadwell	-	No
Hardware	lenovo	thinkpad_x250_sharkbay	-	No
Hardware	lenovo	thinkpad_x260	-	No
Hardware	lenovo	thinkpad_yoga_11e	-	No
Hardware	lenovo	thinkpad_yoga_11e_beema	-	No
Hardware	lenovo	thinkpad_yoga_11e_braswell	-	No
Hardware	lenovo	thinkpad_yoga_11e_broadwell	-	No
Hardware	lenovo	thinkpad_yoga_11e_skylake	-	No
Hardware	lenovo	thinkpad_yoga_14_460_s3	-	No
Hardware	lenovo	thinkpad_yoga_260_s1	-	No

References

http://www.securityfocus.com/bid/94409 ([email protected])
https://support.lenovo.com/us/en/solutions/LEN_8327 Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/94409 (af854a3a-2127-422b-91ae-364da2661108)
https://support.lenovo.com/us/en/solutions/LEN_8327 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For lenovo's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.