Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-3745

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.

Published

2023-08-23T20:15:08.660

Last Modified

2024-11-21T07:20:09.750

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

Weaknesses

Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	lenovo	ideapad_1_14iau7_firmware	< jkcn34ww	Yes
Hardware	lenovo	ideapad_1_14iau7	-	No
Operating System	lenovo	ideapad_1_14igl7_firmware	< kkcn15ww	Yes
Hardware	lenovo	ideapad_1_14igl7	-	No
Operating System	lenovo	ideapad_1_15iau7_firmware	< jkcn34ww	Yes
Hardware	lenovo	ideapad_1_15iau7	-	No
Operating System	lenovo	ideapad_1_15igl7_firmware	< kkcn15ww	Yes
Hardware	lenovo	ideapad_1_15igl7	-	No
Operating System	lenovo	ideapad_1-14ijl7_firmware	< htcn31ww	Yes
Hardware	lenovo	ideapad_1-14ijl7	-	No
Operating System	lenovo	ideapad_1-15ijl7_firmware	< htcn31ww	Yes
Hardware	lenovo	ideapad_1-15ijl7	-	No
Operating System	lenovo	ideapad_3_14iau7_firmware	< jkcn34ww	Yes
Hardware	lenovo	ideapad_3_14iau7	-	No
Operating System	lenovo	ideapad_3_15iau7_firmware	< jkcn34ww	Yes
Hardware	lenovo	ideapad_3_15iau7	-	No
Operating System	lenovo	ideapad_3_17iau7_firmware	< jkcn34ww	Yes
Hardware	lenovo	ideapad_3_17iau7	-	No
Operating System	lenovo	ideapad_3-15igl05_firmware	< dvcn28ww	Yes
Hardware	lenovo	ideapad_3-15igl05	-	No
Operating System	lenovo	ideapad_3-17iil05_firmware	< emcn56ww	Yes
Hardware	lenovo	ideapad_3-17iil05	-	No
Operating System	lenovo	ideapad_3-17itl6_firmware	< ggcn51ww	Yes
Hardware	lenovo	ideapad_3-17itl6	-	No
Operating System	lenovo	ideapad_5_15ial7_firmware	< jbcn27ww	Yes
Hardware	lenovo	ideapad_5_15ial7	-	No
Operating System	lenovo	ideapad_5-15itl05_firmware	< fhcn70ww	Yes
Hardware	lenovo	ideapad_5-15itl05	-	No
Operating System	lenovo	l3-15iml05_firmware	< ejcn30ww	Yes
Hardware	lenovo	l3-15iml05	-	No
Operating System	lenovo	l3-15itl6_firmware	< gfcn29ww	Yes
Hardware	lenovo	l3-15itl6	-	No
Operating System	lenovo	legion_5_15iah7_firmware	< j2cn49ww	Yes
Hardware	lenovo	legion_5_15iah7	-	No
Operating System	lenovo	legion_5_15iah7h_firmware	< j2cn49ww	Yes
Hardware	lenovo	legion_5_15iah7h	-	No
Operating System	lenovo	legion_5_pro_16iah7_firmware	< j2cn49ww	Yes
Hardware	lenovo	legion_5_pro_16iah7	-	No
Operating System	lenovo	legion_5_pro_16iah7h_firmware	< j2cn49ww	Yes
Hardware	lenovo	legion_5_pro_16iah7h	-	No
Operating System	lenovo	legion_5_pro-16ith6_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5_pro-16ith6	-	No
Operating System	lenovo	legion_5_pro-16ith6h_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5_pro-16ith6h	-	No
Operating System	lenovo	legion_5-15imh05_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5-15imh05	-	No
Operating System	lenovo	legion_5-15imh05h_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5-15imh05h	-	No
Operating System	lenovo	legion_5-15imh6_firmware	< g8cn22ww	Yes
Hardware	lenovo	legion_5-15imh6	-	No
Operating System	lenovo	legion_5-15ith6_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5-15ith6	-	No
Operating System	lenovo	legion_5-15ith6h_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5-15ith6h	-	No
Operating System	lenovo	legion_5-17imh05_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5-17imh05	-	No
Operating System	lenovo	legion_5-17imh05h_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5-17imh05h	-	No
Operating System	lenovo	legion_5-17ith6_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5-17ith6	-	No
Operating System	lenovo	legion_5-17ith6h_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_5-17ith6h	-	No
Operating System	lenovo	legion_5p-15imh05_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5p-15imh05	-	No
Operating System	lenovo	legion_5p-15imh05h_firmware	< efcn58ww	Yes
Hardware	lenovo	legion_5p-15imh05h	-	No
Operating System	lenovo	legion_7_16iax7_firmware	< k1cn40ww	Yes
Hardware	lenovo	legion_7_16iax7	-	No
Operating System	lenovo	legion_7-16ithg6_firmware	< h1cn52ww	Yes
Hardware	lenovo	legion_7-16ithg6	-	No
Operating System	lenovo	s14_g2_itl_firmware	< ggcn51ww	Yes
Hardware	lenovo	s14_g2_itl	-	No
Operating System	lenovo	s14_g3_iap_firmware	< jkcn34ww	Yes
Hardware	lenovo	s14_g3_iap	-	No
Operating System	lenovo	slim_7_14iap7_firmware	< jhcn28ww	Yes
Hardware	lenovo	slim_7_14iap7	-	No
Operating System	lenovo	slim_7_carbon_13iap7_firmware	< k2cn34ww	Yes
Hardware	lenovo	slim_7_carbon_13iap7	-	No
Operating System	lenovo	slim_7_prox_14iah7_firmware	< hmcn41ww	Yes
Hardware	lenovo	slim_7_prox_14iah7	-	No
Operating System	lenovo	slim_9_14iap7_firmware	< j3cn49ww	Yes
Hardware	lenovo	slim_9_14iap7	-	No
Operating System	lenovo	thinkbook_15p_imh_firmware	< f6cn26ww	Yes
Hardware	lenovo	thinkbook_15p_imh	-	No
Operating System	lenovo	v14_g2_ijl_firmware	< htcn31ww	Yes
Hardware	lenovo	v14_g2_ijl	-	No
Operating System	lenovo	v14_g3_iap_firmware	< jkcn34ww	Yes
Hardware	lenovo	v14_g3_iap	-	No
Operating System	lenovo	v15_g2_ijl_firmware	< htcn31ww	Yes
Hardware	lenovo	v15_g2_ijl	-	No
Operating System	lenovo	v15_g3_iap_firmware	< jkcn34ww	Yes
Hardware	lenovo	v15_g3_iap	-	No
Operating System	lenovo	v17_g3_iap_firmware	< jkcn34ww	Yes
Hardware	lenovo	v17_g3_iap	-	No
Operating System	lenovo	s540-13itl_firmware	< fzcn26ww	Yes
Hardware	lenovo	s540-13itl	-	No
Operating System	lenovo	slim_7_pro-14ihu5_firmware	< fjcn74ww	Yes
Hardware	lenovo	slim_7_pro-14ihu5	-	No
Operating System	lenovo	slim_9-14itl05_firmware	< escn56ww	Yes
Hardware	lenovo	slim_9-14itl05	-	No
Operating System	lenovo	thinkbook_15p_g2_ith_firmware	< hjcn32ww	Yes
Hardware	lenovo	thinkbook_15p_g2_ith	-	No
Operating System	lenovo	v14_g1-iml_firmware	< dxcn44ww	Yes
Hardware	lenovo	v14_g1-iml	-	No
Operating System	lenovo	v14_g2-itl_firmware	< ggcn51ww	Yes
Hardware	lenovo	v14_g2-itl	-	No
Operating System	lenovo	v14-igl_firmware	< dvcn28ww	Yes
Hardware	lenovo	v14-igl	-	No
Operating System	lenovo	v15_g1-iml_firmware	< dxcn44ww	Yes
Hardware	lenovo	v15_g1-iml	-	No
Operating System	lenovo	v15_g2-itl_firmware	< ggcn51ww	Yes
Hardware	lenovo	v15_g2-itl	-	No
Operating System	lenovo	v15-igl_firmware	< dvcn28ww	Yes
Hardware	lenovo	v15-igl	-	No
Operating System	lenovo	v17_g2-itl_firmware	< ggcn51ww	Yes
Hardware	lenovo	v17_g2-itl	-	No
Operating System	lenovo	v17-iil_firmware	< emcn56ww	Yes
Hardware	lenovo	v17-iil	-	No
Operating System	lenovo	yoga_7_14ial7_firmware	< j1cn35ww	Yes
Hardware	lenovo	yoga_7_14ial7	-	No
Operating System	lenovo	yoga_7_16iah7_firmware	< j1cn35ww	Yes
Hardware	lenovo	yoga_7_16iah7	-	No
Operating System	lenovo	yoga_7_16iap7_firmware	< j1cn35ww	Yes
Hardware	lenovo	yoga_7_16iap7	-	No
Operating System	lenovo	yoga_7-14itl5_firmware	< f5cn59ww	Yes
Hardware	lenovo	yoga_7-14itl5	-	No
Operating System	lenovo	yoga_7-15itl5_firmware	< f5cn59ww	Yes
Hardware	lenovo	yoga_7-15itl5	-	No
Operating System	lenovo	yoga_9_14iap7_firmware	< hncn42ww	Yes
Hardware	lenovo	yoga_9_14iap7	-	No
Operating System	lenovo	yoga_slim_7_carbon_13iap7_firmware	< k2cn34ww	Yes
Hardware	lenovo	yoga_slim_7_carbon_13iap7	-	No
Operating System	lenovo	yoga_slim_7_pro_14iah7_firmware	< krcn14ww	Yes
Hardware	lenovo	yoga_slim_7_pro_14iah7	-	No
Operating System	lenovo	yoga_slim_7_pro_14iap7_firmware	< jhcn28ww	Yes
Hardware	lenovo	yoga_slim_7_pro_14iap7	-	No
Operating System	lenovo	yoga_slim_7_pro-14ihu5_firmware	< fjcn74ww	Yes
Hardware	lenovo	yoga_slim_7_pro-14ihu5	-	No
Operating System	lenovo	yoga_slim_7_pro-14ihu5_o_firmware	< fjcn74ww	Yes
Hardware	lenovo	yoga_slim_7_pro-14ihu5_o	-	No
Operating System	lenovo	yoga_slim_7_pro-14itl5_firmware	< fjcn74ww	Yes
Hardware	lenovo	yoga_slim_7_pro-14itl5	-	No
Operating System	lenovo	yoga_slim_7_prox_14iah7_firmware	< hmcn41ww	Yes
Hardware	lenovo	yoga_slim_7_prox_14iah7	-	No
Operating System	lenovo	yoga_slim_9_14iap7_firmware	< j3cn49ww	Yes
Hardware	lenovo	yoga_slim_9_14iap7	-	No
Operating System	lenovo	yoga_slim_9-14itl05_firmware	< escn56ww	Yes
Hardware	lenovo	yoga_slim_9-14itl05	-	No
Operating System	lenovo	ideapad_3-14igl05_firmware	< dvcn28ww	Yes
Hardware	lenovo	ideapad_3-14igl05	-	No
Operating System	lenovo	ideapad_3-14iil05_firmware	< emcn56ww	Yes
Hardware	lenovo	ideapad_3-14iil05	-	No
Operating System	lenovo	ideapad_3-14iml05_firmware	< dxcn44ww	Yes
Hardware	lenovo	ideapad_3-14iml05	-	No
Operating System	lenovo	ideapad_3-14itl05_firmware	< gccn32ww	Yes
Hardware	lenovo	ideapad_3-14itl05	-	No
Operating System	lenovo	ideapad_3-14itl6_firmware	< ggcn51ww	Yes
Hardware	lenovo	ideapad_3-14itl6	-	No
Operating System	lenovo	ideapad_3-15iil05_firmware	< emcn56ww	Yes
Hardware	lenovo	ideapad_3-15iil05	-	No
Operating System	lenovo	ideapad_3-15iml05_firmware	< dxcn44ww	Yes
Hardware	lenovo	ideapad_3-15iml05	-	No
Operating System	lenovo	ideapad_3-15itl05_firmware	< gccn32ww	Yes
Hardware	lenovo	ideapad_3-15itl05	-	No
Operating System	lenovo	ideapad_3-15itl6_firmware	< ggcn51ww	Yes
Hardware	lenovo	ideapad_3-15itl6	-	No
Operating System	lenovo	ideapad_3-17iml05_firmware	< dxcn44ww	Yes
Hardware	lenovo	ideapad_3-17iml05	-	No
Operating System	lenovo	ideapad_5-15iil05_firmware	< dpcn58ww	Yes
Hardware	lenovo	ideapad_5-15iil05	-	No
Operating System	lenovo	ideapad_creator_5-15imh05_firmware	< egcn40ww	Yes
Hardware	lenovo	ideapad_creator_5-15imh05	-	No
Operating System	lenovo	ideapad_gaming_3-15imh05_firmware	< egcn40ww	Yes
Hardware	lenovo	ideapad_gaming_3-15imh05	-	No

References

https://support.lenovo.com/us/en/product_security/LEN-103710 Vendor Advisory ([email protected])
https://support.lenovo.com/us/en/product_security/LEN-103710 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)