← Back

Thinkpad X1 Fold Gen 1 Firmware

thinkpad_x1_fold_gen_1_firmware

Vendor: Lenovo • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-4574
1Lenovo
54Thinkpad L14 Firmware
Thinkpad L14 Gen 2 FirmwareThinkpad L15 Firmware+51 more
Nov 21, 2024
Oct 30, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code.  
CVE-2022-4573
1Lenovo
1Thinkpad X1 Fold Gen 1 Firmware
Nov 21, 2024
Oct 30, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2022-1108
1Lenovo
1Thinkpad X1 Fold Gen 1 Firmware
Nov 21, 2024
Apr 22, 2022
N/A· v4
6.7 MEDIUM· v3
7.2 HIGH· v2
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute a...Show more
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code.Show less
CVE-2021-3843
1Lenovo
29Thinkpad 11e 3rd Gen Firmware
Thinkpad 11e 4th Gen Celeron FirmwareThinkpad 11e 4th Gen I3 Firmware+26 more
Nov 21, 2024
Nov 12, 2021
N/A· v4
6.7 MEDIUM· v3
7.2 HIGH· v2
A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2021-3786
1Lenovo
133Ideapad S940 14iwl Firmware
Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 more
Nov 21, 2024
Nov 12, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.
CVE-2021-3599
1Lenovo
133Ideapad S940 14iwl Firmware
Ideapad Yoga S940 14iwl FirmwareThinkpad 10 Firmware+130 more
Nov 21, 2024
Nov 12, 2021
N/A· v4
6.7 MEDIUM· v3
7.2 HIGH· v2
A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.