During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Lenovo Subscribe
Thinkpad 11e Subscribe
Thinkpad 11e Firmware Subscribe
Thinkpad 11e Yoga Subscribe
Thinkpad 11e Yoga Firmware Subscribe
Thinkpad Helix Subscribe
Thinkpad Helix Firmware Subscribe
Thinkpad L560 Subscribe
Thinkpad L560 Firmware Subscribe
Thinkpad L570 Subscribe
Thinkpad L570 Firmware Subscribe
Thinkpad P50s Subscribe
Thinkpad P50s Firmware Subscribe
Thinkpad P51s Subscribe
Thinkpad P51s Firmware Subscribe
Thinkpad P52s Subscribe
Thinkpad P52s Firmware Subscribe
Thinkpad S540 Subscribe
Thinkpad S540 Firmware Subscribe
Thinkpad T550 Subscribe
Thinkpad T550 Firmware Subscribe
Thinkpad T560 Subscribe
Thinkpad T560 Firmware Subscribe
Thinkpad T570 Subscribe
Thinkpad T570 Firmware Subscribe
Thinkpad T580 Subscribe
Thinkpad T580 Firmware Subscribe
Thinkpad W540 Subscribe
Thinkpad W540 Firmware Subscribe
Thinkpad W541 Subscribe
Thinkpad W541 Firmware Subscribe
Thinkpad W550s Subscribe
Thinkpad W550s Firmware Subscribe
Thinkpad X1 Carbon 3rd Gen Subscribe
Thinkpad X1 Carbon 3rd Gen Firmware Subscribe
Thinkpad X1 Carbon 4th Gen Subscribe
Thinkpad X1 Carbon 4th Gen Firmware Subscribe
Thinkpad X1 Carbon 5th Gen Kabylake Subscribe
Thinkpad X1 Carbon 5th Gen Kabylake Firmware Subscribe
Thinkpad X1 Carbon 5th Gen Skylake Subscribe
Thinkpad X1 Carbon 5th Gen Skylake Firmware Subscribe
Thinkpad X1 Tablet Gen 1 Subscribe
Thinkpad X1 Tablet Gen 1 Firmware Subscribe
Thinkpad X1 Tablet Gen 2 Subscribe
Thinkpad X1 Tablet Gen 2 Firmware Subscribe
Thinkpad X1 Yoga Subscribe
Thinkpad X1 Yoga Firmware Subscribe
Thinkpad X1 Yoga Gen 2 Subscribe
Thinkpad X1 Yoga Gen 2 Firmware Subscribe
Thinkpad X1 Yoga Gen 3 Subscribe
Thinkpad X1 Yoga Gen 3 Firmware Subscribe
Thinkpad X250 Subscribe
Thinkpad X250 Firmware Subscribe
Thinkpad X280 Subscribe
Thinkpad X280 Firmware Subscribe
Thinkpad X390 Subscribe
Thinkpad X390 Firmware Subscribe
Thinkpad Yoga 15 Subscribe
Thinkpad Yoga 15 Firmware Subscribe
Thinkpad Yoga 260 Subscribe
Thinkpad Yoga 260 Firmware Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:lenovo:thinkpad_11e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_11e:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:lenovo:thinkpad_helix_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_helix:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:lenovo:thinkpad_l560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_l560:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:lenovo:thinkpad_l570_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_l570:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:lenovo:thinkpad_p50s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_p50s:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:lenovo:thinkpad_p51s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_p51s:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:lenovo:thinkpad_p52s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_p52s:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:lenovo:thinkpad_s540_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_s540:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:lenovo:thinkpad_t550_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_t550:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:lenovo:thinkpad_t560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_t560:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:lenovo:thinkpad_t570_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_t570:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:lenovo:thinkpad_t580_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_t580:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_tablet_gen_1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_1:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_tablet_gen_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_2:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:lenovo:thinkpad_w540_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_w540:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:lenovo:thinkpad_w541_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_w541:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:lenovo:thinkpad_w550s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_w550s:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_carbon_3rd_gen_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_3rd_gen:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_carbon_4th_gen_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_4th_gen:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_carbon_5th_gen_kabylake_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_5th_gen_kabylake:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_carbon_5th_gen_skylake_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_carbon_5th_gen_skylake:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_yoga_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_yoga:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_yoga_gen_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_2:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x1_yoga_gen_3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_3:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x250:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x280_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x280:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:lenovo:thinkpad_x390_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_x390:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:lenovo:thinkpad_11e_yoga_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_11e_yoga:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND
cpe:2.3:o:lenovo:thinkpad_yoga_15_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_yoga_15:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND
cpe:2.3:o:lenovo:thinkpad_yoga_260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:thinkpad_yoga_260:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-24450 During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.
Fixes

Solution

Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-84943.

Workaround

No workaround given by the vendor.

References
Link Providers
https://support.lenovo.com/us/en/product_security/LEN-84943 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published:

Updated: 2024-08-02T23:55:24.201Z

Reserved: 2022-03-27T00:00:00

Link: CVE-2022-1107

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-04-22T21:15:10.300

Modified: 2024-11-21T06:40:03.013

Link: CVE-2022-1107

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses