cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-25494,https://securityvulnerability.io/vulnerability/CVE-2023-25494,Potential Vulnerability in BIOS of Desktop Products Could Allow Local Attack with Elevated Privileges,"A potential vulnerability exists within the BIOS of various Lenovo products, including Desktop, Smart Edge, and ThinkStation models. This issue may enable a local attacker with elevated privileges to write unauthorized changes to NVRAM variables, potentially compromising system configurations and security. Users of the affected products should remain vigilant and apply any available updates to mitigate risks associated with this vulnerability.",Lenovo,"Desktop BiOS, Smart Edge BiOS, Thinkstation BiOS",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-05T21:15:00.000Z,0
CVE-2023-43581,https://securityvulnerability.io/vulnerability/CVE-2023-43581,Buffer Overflow in Lenovo Desktop Products' Update_WMI Module,"A vulnerability has been identified in the Update_WMI module of certain Lenovo Desktop products. This buffer overflow issue may enable a local attacker with elevated privileges to execute arbitrary code, potentially compromising the security and functionality of the affected systems. Users are advised to apply updates and monitor their devices for any unusual activity to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43575,https://securityvulnerability.io/vulnerability/CVE-2023-43575,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability has been discovered in the UltraFunctionTable module of various Lenovo Desktop products. This flaw could potentially allow an authenticated local attacker to execute arbitrary code on the affected systems, leading to unauthorized control and manipulation. Users are strongly advised to review their system configurations and apply any necessary patches to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43576,https://securityvulnerability.io/vulnerability/CVE-2023-43576,Buffer Overflow in WMISwSmi Module of Lenovo Desktop Products,"A buffer overflow vulnerability has been identified in the WMISwSmi module present in various Lenovo Desktop products. This flaw may allow a local attacker with elevated privileges to exploit the vulnerability and execute arbitrary code, potentially compromising system integrity and security. Users are advised to apply the latest security updates to mitigate this risk.",Lenovo,Desktop BIOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43577,https://securityvulnerability.io/vulnerability/CVE-2023-43577,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A vulnerability exists in the ReFlash module of certain Lenovo Desktop products, allowing a local attacker with elevated privileges to execute arbitrary code. This issue creates potential risks where an attacker could gain unauthorized access to system-level operations, highlighting the importance of addressing security measures in firmware components.",Lenovo,Desktop BIOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43578,https://securityvulnerability.io/vulnerability/CVE-2023-43578,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A newly discovered buffer overflow vulnerability in the SmiFlash module of several Lenovo Desktop products could be exploited by a local attacker with elevated privileges. This flaw may enable such attackers to execute arbitrary code on the affected systems, thereby compromising system integrity and user security. Users are advised to review the product security updates and apply necessary patches to mitigate potential risks.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43579,https://securityvulnerability.io/vulnerability/CVE-2023-43579,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability exists in the SmuV11Dxe driver on certain Lenovo desktop products. This flaw potentially allows a local attacker with elevated privileges to execute arbitrary code, posing a significant security risk. Users are advised to apply recommended updates to protect their systems.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43580,https://securityvulnerability.io/vulnerability/CVE-2023-43580,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A critical buffer overflow vulnerability has been identified in the SmuV11DxeVMR module of certain Lenovo Desktop products. This vulnerability could potentially allow a local attacker with elevated privileges to execute arbitrary code, leading to unauthorized access or control over affected systems. It is essential for users of Lenovo Desktop products to apply necessary updates and patches to mitigate this risk.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43571,https://securityvulnerability.io/vulnerability/CVE-2023-43571,Buffer Overflow in BiosExtensionLoader Module Affects Lenovo Desktop Products,"A buffer overflow vulnerability has been identified in the BiosExtensionLoader module utilized by certain Lenovo Desktop products. This flaw may permit a local attacker, who possesses elevated privileges, the potential to execute arbitrary code. Mitigating this vulnerability is crucial to maintaining the integrity and security of affected systems. For more information, consult Lenovo's security bulletin.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43572,https://securityvulnerability.io/vulnerability/CVE-2023-43572,Buffer Over-Read Vulnerability in Lenovo Desktop Products,"A buffer over-read issue was identified in the BiosExtensionLoader module of certain Lenovo Desktop products. This vulnerability could be exploited by a local attacker with elevated privileges, leading to the potential disclosure of sensitive information. Users are advised to review their systems and apply available security updates to mitigate the risk.",Lenovo,Desktop BiOS,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43573,https://securityvulnerability.io/vulnerability/CVE-2023-43573,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability exists in the LEMALLDriversConnectedEventHook module of select Lenovo Desktop products. This flaw could enable a local attacker with elevated privileges to execute arbitrary code, posing significant security risks. Users must ensure their systems are up to date to mitigate potential exploitation.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43574,https://securityvulnerability.io/vulnerability/CVE-2023-43574,Buffer Over-Read Vulnerability in Lenovo Desktop Products,"A buffer over-read vulnerability has been identified in the LEMALLDriversConnectedEventHook module affecting certain Lenovo Desktop products. This flaw may enable a local attacker with elevated privileges to potentially disclose sensitive information, raising concerns about the integrity of user data on affected systems.",Lenovo,Desktop BiOS,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T23:15:00.000Z,0
CVE-2023-43567,https://securityvulnerability.io/vulnerability/CVE-2023-43567,Buffer Overflow in Lenovo Desktop Products,"A buffer overflow issue has been identified in the LemSecureBootForceKey module present in selected Lenovo Desktop products. This vulnerability may enable a local attacker with escalated privileges to execute arbitrary code, potentially compromising the integrity of the affected systems. Users are advised to review their security practices and monitor for updates from Lenovo to mitigate risks associated with this vulnerability.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2023-43568,https://securityvulnerability.io/vulnerability/CVE-2023-43568,Buffer Over-read Vulnerability in Lenovo Desktop Products,"A buffer over-read vulnerability has been identified in the LemSecureBootForceKey module of certain Lenovo Desktop products. This flaw could potentially enable a local attacker with elevated privileges to gain access to sensitive information, raising significant security concerns for users. It is crucial for affected users to stay informed and take necessary actions to mitigate the risk associated with this vulnerability.",Lenovo,Desktop BiOS,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2023-43569,https://securityvulnerability.io/vulnerability/CVE-2023-43569,Buffer Overflow Vulnerability in Lenovo Desktop Products,"A buffer overflow vulnerability in the OemSmi module of certain Lenovo Desktop products has been identified. This flaw may enable a local attacker with elevated privileges to exploit the vulnerability, potentially allowing them to execute arbitrary code. Organizations using affected Lenovo Desktop models should investigate and apply necessary mitigations to protect their systems from potential exploitations.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2023-43570,https://securityvulnerability.io/vulnerability/CVE-2023-43570,Local Code Execution Flaw in OemSmi Driver from Lenovo,"A vulnerability exists in the SMI callback function of Lenovo's OemSmi driver, which could permit a local attacker with elevated permissions to execute arbitrary code. This could lead to unauthorized access and potential control over the affected systems, posing significant security risks.",Lenovo,Desktop BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2021-3519,https://securityvulnerability.io/vulnerability/CVE-2021-3519,Unauthorized Access Vulnerability in Lenovo Desktop BIOS Settings,A security flaw in certain Lenovo Desktop models allows unauthorized users to gain access to the boot menu when the 'BIOS Password At Boot Device List' setting is enabled. This could potentially lead to further exploitation of system resources or exposure of sensitive information if unmonitored.,Lenovo,Desktop BiOS,6.4,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2021-11-12T22:05:29.000Z,0
CVE-2017-3753,https://securityvulnerability.io/vulnerability/CVE-2017-3753,,"A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.",Lenovo,Desktop And Notebook BiOS,6.8,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2017-08-10T00:29:00.000Z,0