CVE-2022-3430
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD
Description
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
Affected (44)
Products: Lenovo: D330 10igl Firmware, Ideapad 5 Pro 16iah7 Firmware, Ideapad 5 Pro 16arh7 Firmware, Ideapad Duet 3 10igl5 Firmware, Slim 7 16arh7 Firmware, Thinkbook 15p Imp Firmware, Slim 7 14are05 Firmware, Ideapad Slim 7 14iil05 Firmware, Ideapad Slim 7 14itl05 Firmware, Ideapad Slim 7 15iil05 Firmware, Slim 7 15imh05 Firmware, Slim 7 15itl05 Firmware, Thinkbook 13x Itg Firmware, Thinkbook 14 G2 Are Firmware, Thinkbook 14 G2 Itl Firmware, Thinkbook 14 G3 Acl Firmware, Thinkbook 14 G3 Itl Firmware, Thinkbook 14 G4+ Ara Firmware, Thinkbook 14 G4+ Iap Firmware, Thinkbook 14p G3 Arh Firmware, Thinkbook 14s Yoga Itl Firmware, Thinkbook 15 G2 Are Firmware, Thinkbook 15 G2 Itl Firmware, Thinkbook 15 G3 Acl Firmware, Thinkbook 15 G3 Itl Firmware, Thinkbook 15 Gd Aba Firmware, Thinkbook 15p G2 Ith Firmware, Thinkbook 16 G4+ Ara Firmware, Thinkbook 16 G4+ Iap Firmware, Thinkbook 16p G3 Arh Firmware, Thinkbook 16p Nx Arh Firmware, Thinkbook Plus G2 Itg Firmware, Thinkbook Plus G3 Iap Firmware, Yoga Creator 7 15imh05 Firmware, Yoga Duet 7 13iml05 Firmware, Yoga Duet 7 13itl6 Firmware, Yoga Duet 7 13itl6 Lte Firmware, Yoga Slim 7 Pro 16arh7 Firmware, Yoga Slim 7 14are05 Firmware, Yoga Slim 7 14iil05 Firmware, Yoga Slim 7 14itl05 Firmware, Yoga Slim 7 15iil05 Firmware, Yoga Slim 7 15imh05 Firmware, Yoga Slim 7 15itl05 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before g0cn11ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo D330 10igl | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before j4cn33ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad 5 Pro 16iah7 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before j5cn27ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad 5 Pro 16arh7 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before eqcn37ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad Duet 3 10igl5 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before klcn15ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Slim 7 16arh7 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before f6cn25ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15p Imp | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before dmcn43ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Slim 7 14are05 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before dhcn35ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad Slim 7 14iil05 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before fbcn29ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad Slim 7 14itl05 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before dhcn35ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Ideapad Slim 7 15iil05 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before dncn32ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Slim 7 15imh05 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before fbcn29ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Slim 7 15itl05 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before hlcn30ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 13x Itg | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before facn33ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G2 Are | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before f8cn52ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G2 Itl | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before gqcn35ww_hfcn30ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G3 Acl | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before hrcn13ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G3 Itl | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before j6cn40ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G4+ Ara | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before hycn40ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14 G4+ Iap | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before k4cn31ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14p G3 Arh | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before fncn40ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 14s Yoga Itl | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before facn33ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15 G2 Are | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before f8cn52ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15 G2 Itl | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before gqcn35ww_hfcn30ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15 G3 Acl | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before hrcn13ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15 G3 Itl | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before jpcn20ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15 G4 Aba | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before hjcn31ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 15p G2 Ith | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before j6cn40ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 16 G4+ Ara | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before hycn40ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 16 G4+ Iap | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before kccn31ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 16p G3 Arh | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before kjcn27ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook 16p Nx Arh | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before gycn31ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook Plus G2 Itg | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before k6cn29ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Thinkbook Plus G3 Iap | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before dncn32ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Creator 7 15imh05 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before ercn30ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Duet 7 13iml05 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before gpcn24ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Duet 7 13itl6 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before gpcn24ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Duet 7 13itl6 Lte | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before klcn15ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 Pro 16arh7 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before dmcn43ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 14are05 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before dmcn35ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 14iil05 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before fbcn29ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 14itl05 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before dhcn35ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 15iil05 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before dncn32ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 15imh05 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before fbcn29ww |
| Running on/with | Platform Versions |
|---|---|
Lenovo Yoga Slim 7 15itl05 | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.