Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-34419

A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

Published

2023-08-17T17:15:09.913

Last Modified

2024-11-21T08:07:12.007

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	lenovo	legion_5_pro_16iah7h_firmware	< j2cn51ww	Yes
Hardware	lenovo	legion_5_pro_16iah7h	-	No
Operating System	lenovo	legion_5_pro_16iah7_firmware	< j2cn51ww	Yes
Hardware	lenovo	legion_5_pro_16iah7	-	No
Operating System	lenovo	legion_5_pro_16arh7_firmware	-	Yes
Hardware	lenovo	legion_5_pro_16arh7	-	No
Operating System	lenovo	legion_5_pro_16arh7h_firmware	-	Yes
Hardware	lenovo	legion_5_pro_16arh7h	-	No
Operating System	lenovo	legion_5_15arh7_firmware	-	Yes
Hardware	lenovo	legion_5_15arh7	-	No
Operating System	lenovo	legion_5_15arh7h_firmware	-	Yes
Hardware	lenovo	legion_5_15arh7h	-	No
Operating System	lenovo	legion_5_15iah7h_firmware	< j2cn51ww	Yes
Hardware	lenovo	legion_5_15iah7h	-	No
Operating System	lenovo	legion_5_15iah7_firmware	< j2cn51ww	Yes
Hardware	lenovo	legion_5_15iah7	-	No
Operating System	lenovo	legion_5_pro-16ach6_firmware	-	Yes
Hardware	lenovo	legion_5_pro-16ach6	-	No
Operating System	lenovo	legion_5_pro-16ach6h_firmware	-	Yes
Hardware	lenovo	legion_5_pro-16ach6h	-	No
Operating System	lenovo	legion_5_pro-16ith6_firmware	-	Yes
Hardware	lenovo	legion_5_pro-16ith6	-	No
Operating System	lenovo	legion_5_pro-16ith6h_firmware	-	Yes
Hardware	lenovo	legion_5_pro-16ith6h	-	No
Operating System	lenovo	legion_5-15ach6_firmware	-	Yes
Hardware	lenovo	legion_5-15ach6	-	No
Operating System	lenovo	legion_5-15ach6a_firmware	-	Yes
Hardware	lenovo	legion_5-15ach6a	-	No
Operating System	lenovo	legion_5-15ach6h_firmware	-	Yes
Hardware	lenovo	legion_5-15ach6h	-	No
Operating System	lenovo	legion_5-15ith6_firmware	-	Yes
Hardware	lenovo	legion_5-15ith6	-	No
Operating System	lenovo	legion_5-15ith6h_firmware	-	Yes
Hardware	lenovo	legion_5-15ith6h	-	No
Operating System	lenovo	legion_5-17ach6_firmware	-	Yes
Hardware	lenovo	legion_5-17ach6	-	No
Operating System	lenovo	legion_5-17ach6h_firmware	-	Yes
Hardware	lenovo	legion_5-17ach6h	-	No
Operating System	lenovo	legion_5-17ith6_firmware	-	Yes
Hardware	lenovo	legion_5-17ith6	-	No
Operating System	lenovo	legion_5-17ith6h_firmware	-	Yes
Hardware	lenovo	legion_5-17ith6h	-	No
Operating System	lenovo	legion_7-16arha7_firmware	-	Yes
Hardware	lenovo	legion_7-16arha7	-	No
Operating System	lenovo	legion_7-16achg6_firmware	-	Yes
Hardware	lenovo	legion_7-16achg6	-	No
Operating System	lenovo	legion_7-16ithg6_firmware	-	Yes
Hardware	lenovo	legion_7-16ithg6	-	No
Operating System	lenovo	legion_pro_5_16irx8_firmware	< kwcn37ww	Yes
Hardware	lenovo	legion_pro_5_16irx8	-	No
Operating System	lenovo	legion_pro_7_16irx8_firmware	< kwcn37ww	Yes
Hardware	lenovo	legion_pro_7_16irx8	-	No
Operating System	lenovo	legion_pro_7_16irx8h_firmware	< kwcn37ww	Yes
Hardware	lenovo	legion_pro_7_16irx8h	-	No
Operating System	lenovo	legion_s7_16arha7_firmware	-	Yes
Hardware	lenovo	legion_s7_16arha7	-	No
Operating System	lenovo	thinkbook_16p_g3_arh_firmware	-	Yes
Hardware	lenovo	thinkbook_16p_g3_arh	-	No
Operating System	lenovo	thinkbook_15p_g2_ith_firmware	-	Yes
Hardware	lenovo	thinkbook_15p_g2_ith	-	No

References

https://support.lenovo.com/us/en/product_security/LEN-134879 Vendor Advisory ([email protected])
https://support.lenovo.com/us/en/product_security/LEN-134879 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)