cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-7756,https://securityvulnerability.io/vulnerability/CVE-2024-7756,ThinkPad L390 Yoga Vulnerability Could Lead to Privilege Escalation,A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.,Lenovo,"10w (type 82st, 82su) Laptop (lenovo) BiOS,L390 (type 20nr, 20ns) Laptops (thinkpad) BiOS,L390 Yoga (type 20nt, 20nu) Laptops (thinkpad) BiOS",6.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-09-13T17:26:58.798Z,0
CVE-2023-5078,https://securityvulnerability.io/vulnerability/CVE-2023-5078,BIOS Firmware Tampering in Lenovo ThinkPad Devices,"A vulnerability identified in Lenovo ThinkPad BIOS allows physical or local attackers with elevated privileges to potentially tamper with the BIOS firmware. This poses a risk to the integrity of the system, as unauthorized modifications could lead to undesired behaviors or unauthorized access to sensitive information. Users are advised to review security advisories for updates and mitigate risks effectively.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-08T22:15:00.000Z,0
CVE-2022-4575,https://securityvulnerability.io/vulnerability/CVE-2022-4575,Improper Write Protection in ThinkPad BIOS Affects Lenovo Devices,"Improper write protection of UEFI variables in the BIOS of select Lenovo ThinkPad models may allow attackers with physical or local access to exploit the system. This vulnerability can enable the bypassing of Secure Boot, potentially leading to unauthorized modifications or the execution of malicious code on affected devices. Users are advised to ensure that their systems are routinely updated and to follow recommended security practices to mitigate this risk.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-30T14:42:29.795Z,0
CVE-2022-48189,https://securityvulnerability.io/vulnerability/CVE-2022-48189,Input Validation Flaw in BIOS of Lenovo ThinkPad Models,An input validation flaw in the System Management Mode (SMM) driver within the BIOS of specific Lenovo ThinkPad models allows a local attacker with elevated privileges to execute arbitrary code. This vulnerability poses a risk to system integrity and could lead to unauthorized access or manipulation of system resources.,Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-30T14:39:23.160Z,0
CVE-2022-4574,https://securityvulnerability.io/vulnerability/CVE-2022-4574,Input Validation Flaw in BIOS of ThinkPad Laptops by Lenovo,An input validation flaw in the SMI handler of the BIOS present in specific Lenovo ThinkPad models may permit an attacker with local access and elevated privileges to execute arbitrary code. This vulnerability could potentially compromise system integrity and allow unauthorized actions by exploiting the SMI handler.,Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-30T14:36:23.273Z,0
CVE-2022-48183,https://securityvulnerability.io/vulnerability/CVE-2022-48183,BIOS Tamper Detection Issue in ThinkPad T14s Gen 3 and X13 Gen 3 by Lenovo,"A vulnerability has been identified in Lenovo's ThinkPad T14s Gen 3 and X13 Gen 3 that affects the BIOS tamper detection mechanism. Under specific conditions, this issue may prevent the mechanism from triggering as intended, which could potentially grant unauthorized access to the system. Users are advised to remain vigilant and apply necessary updates to mitigate the risks associated with this vulnerability.",Lenovo,"Thinkpad T14s X13 Gen3 BiOS - Windows,Thinkpad X13 Gen3 BiOS - Windows,Thinkpad T14s Gen 3 BiOS - Linux,Thinkpad X13 Gen3 BiOS - Linux",6.1,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-10-09T20:56:44.367Z,0
CVE-2022-48182,https://securityvulnerability.io/vulnerability/CVE-2022-48182,BIOS Tamper Detection Flaw in Lenovo ThinkPad T14s Gen 3 and X13 Gen 3,"A reported vulnerability in Lenovo's ThinkPad T14s Gen 3 and X13 Gen 3 models could prevent the BIOS tamper detection mechanism from triggering under certain conditions. This oversight may leave systems exposed to unauthorized access, potentially allowing attackers to bypass crucial security safeguards. Users of these models should review best practices for securing their devices and remain vigilant for updates from Lenovo.",Lenovo,"Thinkpad T14s X13 Gen3 BiOS - Windows,Thinkpad X13 Gen3 BiOS - Windows,Thinkpad T14s Gen 3 BiOS - Linux,Thinkpad X13 Gen3 BiOS - Linux",6.1,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-10-09T20:55:55.993Z,0
CVE-2022-3728,https://securityvulnerability.io/vulnerability/CVE-2022-3728,BIOS Tamper Detection Issue in Lenovo ThinkPad T14s Gen 3 and X13 Gen 3,"A vulnerability exists in Lenovo’s ThinkPad T14s Gen 3 and X13 Gen 3 models, where the BIOS tamper detection feature may fail to activate under certain conditions. This lapse could potentially allow unauthorized access, posing a significant security risk. Users of these devices should ensure their BIOS is updated to the latest version to mitigate this issue. For further details and guidance, refer to Lenovo's official security support page.",Lenovo,"Thinkpad T14s Gen 3 BiOS,Thinkpad X13 Gen3 BiOS",6.1,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-10-09T20:48:31.533Z,0
CVE-2022-1108,https://securityvulnerability.io/vulnerability/CVE-2022-1108,Improper Buffer Validation in Lenovo Flash Device Interface for ThinkPad,"A vulnerability exists in the Lenovo Flash Device Interface within the ThinkPad X1 Fold Gen 1, where improper buffer validation can be exploited. An attacker with local access and elevated privileges could potentially execute arbitrary code, posing significant risks to system integrity and security.",Lenovo,Thinkpad Bios,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-22T20:30:51.000Z,0
CVE-2022-1107,https://securityvulnerability.io/vulnerability/CVE-2022-1107,Vulnerability in ThinkPad Models Due to Boot Services in SMI Handler,"A potential vulnerability has been identified in certain models of Lenovo ThinkPad laptops, linked to the use of Boot Services within the SmmOEMInt15 System Management Interrupt (SMI) handler. An attacker with elevated privileges could exploit this vulnerability to execute arbitrary code, posing a significant risk to system integrity and security.",Lenovo,ThinkPad BIOS,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-04-22T20:30:50.000Z,0
CVE-2021-3843,https://securityvulnerability.io/vulnerability/CVE-2021-3843,Local Code Execution Vulnerability in ThinkPad Models by Lenovo,"A potential security vulnerability exists in the System Management Interface (SMI) function related to EEPROM access on certain ThinkPad models by Lenovo. This weakness may allow an attacker with local access and elevated privileges to execute arbitrary code, potentially compromising the integrity and confidentiality of the system. Immediate action is advisable to mitigate potential risks associated with this vulnerability.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-12T22:05:56.000Z,0
CVE-2021-3786,https://securityvulnerability.io/vulnerability/CVE-2021-3786,Data Leakage Vulnerability in Lenovo Notebook and ThinkPad Systems,"A potential vulnerability exists within the SMI callback function utilized in the CSME configuration of select Lenovo Notebook and ThinkPad systems. This flaw could enable unauthorized data leaks out of the SMRAM range, which may expose sensitive information and compromise system integrity. Vigilance in system updates and patches is critical for users of the affected products.",Lenovo,Notebook And Thinkpad BiOS,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-12T22:05:41.000Z,0
CVE-2021-3718,https://securityvulnerability.io/vulnerability/CVE-2021-3718,Denial of Service Vulnerability in Lenovo ThinkPad Models,"A vulnerability exists in various Lenovo ThinkPad models that can lead to a denial of service, causing the system to become unresponsive. This issue is triggered when the Enhanced Biometrics feature is enabled in the BIOS settings. Users of affected ThinkPad models should take caution and review their BIOS configuration to mitigate potential disruptions in system performance.",Lenovo,Thinkpad BiOS,4.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-11-12T22:05:34.000Z,0
CVE-2021-3599,https://securityvulnerability.io/vulnerability/CVE-2021-3599,Local Code Execution Vulnerability in Lenovo ThinkPad Products,"A potential vulnerability has been identified in the SMI (System Management Interrupt) callback function utilized for accessing flash devices in select Lenovo ThinkPad models. This flaw could potentially allow an attacker, having local access along with elevated privileges, to execute arbitrary code on the affected systems. Proper mitigation strategies should be implemented to safeguard against unauthorized access and exploitation of this vulnerability.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-12T22:05:33.000Z,0
CVE-2021-3452,https://securityvulnerability.io/vulnerability/CVE-2021-3452,Local Code Execution Flaw in Lenovo ThinkPad Models,"A potential vulnerability exists in the system shutdown SMI callback function within certain Lenovo ThinkPad models. This flaw may allow an attacker with local access and elevated privileges to execute arbitrary code, potentially compromising system integrity. Users are urged to review their security posture and apply necessary updates to mitigate risks associated with this vulnerability.",Lenovo,Thinkpad BiOS,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-16T20:30:16.000Z,0
CVE-2020-8335,https://securityvulnerability.io/vulnerability/CVE-2020-8335,Lenovo ThinkPad BIOS Tamper Detection Flaw,"A vulnerability exists in the BIOS tamper detection mechanism of Lenovo ThinkPad laptops. Specifically, in models including the A285, A485, T495, T495s, and X395, the detection system fails to activate when the emergency-reset button is pressed. This oversight can potentially allow unauthorized access to the system, posing a significant risk to data integrity and device security.",Lenovo,"Thinkpad A285 BiOS,Thinkpad A485 BiOS,Thinkpad T495 BiOS,Thinkpad T495s/x395 BiOS",6.1,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2020-09-01T00:00:00.000Z,0