{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-4574", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2022-12-16T21:19:30.420Z", "datePublished": "2023-10-30T14:36:23.273Z", "dateUpdated": "2024-09-09T16:51:57.365Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ThinkPad BIOS", "vendor": "Lenovo", "versions": [{"status": "affected", "version": "various"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Yngweijw for reporting this issue."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. &nbsp;</span>\n\n"}], "value": "\nAn SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. \u00a0\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-10-30T14:36:23.273Z"}, "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-106014"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-106014.<br>"}], "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-106014.\n"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:41:45.781Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-106014", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "lenovo", "product": "thinkpad", "cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "various", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkpad", "cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "various", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-09T16:47:13.449655Z", "id": "CVE-2022-4574", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-09T16:51:57.365Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-106014", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:41:45.781Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-4574", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-09T16:47:13.449655Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkpad", "versions": [{"status": "affected", "version": "various"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkpad", "versions": [{"status": "affected", "version": "various"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-09T16:50:33.760Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Yngweijw for reporting this issue."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Lenovo", "product": "ThinkPad BIOS", "versions": [{"status": "affected", "version": "various"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-106014.\n", "supportingMedia": [{"type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-106014.<br>", "base64": false}]}], "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-106014"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nAn SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. \u00a0\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. &nbsp;</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-10-30T14:36:23.273Z"}}}, "cveMetadata": {"cveId": "CVE-2022-4574", "state": "PUBLISHED", "dateUpdated": "2024-09-09T16:51:57.365Z", "dateReserved": "2022-12-16T21:19:30.420Z", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "datePublished": "2023-10-30T14:36:23.273Z", "assignerShortName": "lenovo"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_yoga_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4370BFA1-08A1-4470-8BC6-E7093CAE3DE4", "versionEndExcluding": "1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_yoga_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ECF0472-8C1B-4E80-B632-9DBA2B1EACD1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_yoga_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C082583B-2EC3-47E9-8CE1-36308946008E", "versionEndExcluding": "1.45", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_yoga_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5A9CBB7-9624-4BB0-84AB-59752A0B5238", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FAA08B5-32B4-4A45-953A-E5AE2D11835D", "versionEndExcluding": "1.33", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C890D81-D9C9-4AEB-A12E-DF79528876CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FACC064B-2842-4778-87E5-22E7F13E8081", "versionEndExcluding": "1.51", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2C06223-3F58-4765-B9F4-BD56F89EA0A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BFB812F-7FA9-45F2-89EA-D6839DDFBC1B", "versionEndExcluding": "1.26", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13:-:*:*:*:*:*:*:*", "matchCriteriaId": "86A11BDF-2B01-4DA8-A170-593CC76CAC6D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_yoga_7th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "06D4F890-9680-4969-82FC-797105C6D5C1", "versionEndExcluding": "1.37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_yoga_7th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E8C0B3D-72EF-42CA-BC5F-971F76E3473A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_yoga_6th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "294AFB3F-380D-4D7D-A5F7-F5A3D18C46BD", "versionEndExcluding": "1.59", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_yoga_6th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFE6152B-3358-4A6B-BDB7-12E2DE2F68F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_yoga_5th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA097E43-91AC-4253-9974-6C03F973A4DB", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_yoga_5th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3D9FDBA-02A0-442B-AE79-564E9B02419A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_yoga_4th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C253868D-C92D-4D4B-8ED8-CF274E66F25E", "versionEndExcluding": "1.56", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_yoga_4th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CD8B29F-E215-4D45-8FA9-E9198852D6F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_titanium_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E273AFA5-B555-472E-8AD3-C3D7BD6653E7", "versionEndExcluding": "1.24", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_titanium:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8A5AA5B-F5E7-4871-8259-7C18E9B3675F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_nano_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADBB46B5-4F24-4712-8D93-C8665949AB87", "versionEndExcluding": "1.18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_nano_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "148AB18D-0FD8-4A55-AA82-31EE4011CFF7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_nano_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C575CD1E-0A2D-4081-9BFC-EF1F124D2B39", "versionEndExcluding": "1.55", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_nano_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "36E97E1F-97A5-4095-A015-E8CDBCCDB32F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_fold_gen_1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A78A313D-B3D2-42C5-B709-611FAB9EAE7C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_fold_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6ACABAE-B074-4EE6-B969-ECD16CBB4224", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_extreme_gen_5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "722142CF-3A9B-48F7-85C1-562DC0178502", "versionEndExcluding": "1.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_extreme_gen_5:-:*:*:*:*:*:*:*", "matchCriteriaId": "4FD7A8FF-29EE-458B-89D1-B7DE4E670494", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_extreme_4th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A77AD02B-C917-4B70-BF82-F46BBCFE1750", "versionEndExcluding": "1.22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_extreme_4th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB12985E-FC11-43D3-9F86-7255A2DC6A8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_extreme_3rd_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0381369-9B64-4E94-84C6-3AEA519FF26A", "versionEndExcluding": "1.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_extreme_3rd_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "8282E3FC-E185-4AE0-951D-99CADB04061B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_9th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56A922EE-4249-42CC-9913-277714157D3E", "versionEndExcluding": "1.59", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_9th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB7E9431-4750-475E-AAD8-73C45C50AB7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_8th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4A4B0AA-44F7-4BD4-B097-4E377623D992", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_8th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "31B8F35D-9BF5-4D59-B74D-4293D68F27BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_7th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B378C455-D706-4D09-9F28-2F87B7EB5573", "versionEndExcluding": "1.56", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_7th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "83747D54-1E5F-4CA1-8C6B-84CDD7417078", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_10th_gen_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "43C70644-8F4E-417C-A01E-3633F6AB6411", "versionEndExcluding": "1.37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_10th_gen:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FA3E7D0-7B8E-4E39-8072-CD94AC9F4B85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t16_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA56DCF0-96F9-4469-A7CD-7370E725D00A", "versionEndExcluding": "1.31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t16_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "A04B796B-A40C-43BC-8027-2539BBECF001", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15p_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBDE4224-2466-4870-97BE-2B862EB0788F", "versionEndExcluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15p_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA98B0FE-30AE-4DFD-8225-3F78CBEB2912", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15p_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F04ABC02-424B-4362-8D6F-7EAF9BCCE81C", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15p_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A4CF190-FF8E-467E-B798-A22376ABC0C3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15p_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0496E0A9-1A3A-441D-B31D-79E45FC39954", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15p_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "01601852-005B-4654-BF5F-38925DF98F87", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15g_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C29FF04-60CB-475D-ADF7-3E9844C12090", "versionEndExcluding": "1.25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15g_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D5C0F3B-543C-4320-8C52-00C67B43BBB1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15g_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA2C2399-C0CE-4DA3-A9E9-D1E86315B72C", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15g_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "667C012B-C203-45CD-9E12-CAF954D13CC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t15_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "44ECDB6C-F7B1-46AD-A0D3-41C5BDC3A6A6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t15_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF9FB9A3-B1B5-42FF-9B07-0245E54237E3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1E789C5-0833-48DC-9929-4510D73A3F3D", "versionEndExcluding": "1.33", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3F5560A-10AE-46AE-A609-C8EB9287F779", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF5C377F-6ED3-4300-BCB5-4EFA68DDE9E8", "versionEndExcluding": "1.51", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "49AE9591-00C0-4136-9355-8BD5648E29A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "64B283EC-4B33-4126-A4E0-3ADF0DE66F40", "versionEndExcluding": "1.26", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6A34E3E-C7D0-4D0E-8AF8-3BADA71C3F12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E59AB70-AE11-4650-ABF9-87189F5F452C", "versionEndExcluding": "1.31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "33F5E4AC-0BB5-4582-A68B-B044AE1FDDF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC7DE47A-4C00-4BE8-ABA5-294B9BAD5F41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD6A601D-0427-453F-B4A8-4EB9C18A58C6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6411F4F1-906F-4B64-80FF-ABBC777D325D", "versionEndExcluding": "1.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "602BF8DB-B3D2-4078-8369-0C4608468C25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p17_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1A5B611-578C-4828-9462-6924FAEE58D2", "versionEndExcluding": "1.25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p17_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "668DD78B-3485-4ABE-B2B7-16ADA79B405E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p17_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBB774EB-C2D1-4D05-A650-C7E2B02B8AD1", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p17_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB689F79-18B4-46A4-967C-E95DBE29A88C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p16s_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C6D2E2B-09D3-4990-8AD4-B7A9A866CA26", "versionEndExcluding": "1.31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p16s_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DBC3DED-A725-4686-BACD-FD2AC33D4B4C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p16_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A79DE1DD-D93B-4E15-9FDB-AEAFFBB789FD", "versionEndExcluding": "1.17", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p16_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F446C08-5FC3-4BF1-92AC-2E3B90B4FF52", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15v_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BFED29F-5DA3-4EFA-BA37-E06963EC5A0F", "versionEndExcluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15v_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "EABA0723-5AC0-4DC6-AAFD-AE30F35A30D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15v_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E45376C-CC12-4338-B8E2-675329336378", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15v_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A5C88DC-57D1-4988-B8E3-B325135BD3B4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15v_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD4905D9-EC3A-47BB-A189-241F196E5793", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15v_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "82F7266E-3C5C-4936-B43F-4860E09FED09", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15s_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2764465A-3477-4ABB-98B0-CD356CA35A0F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4AE8F28-A87C-4F62-951D-92EE9952E4B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15s_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30E963CF-E460-4401-8556-61ECA4BA447F", "versionEndExcluding": "1.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15s_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC564275-320C-46E5-9B2F-DE795C4FB9CB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4ACF934C-9EF2-4DB4-9861-13D4C8D3D12D", "versionEndExcluding": "1.25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2FB0F79-A3B7-4B2C-9D1D-B35559FF76E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p15_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BF7220B-AF14-460F-96CE-047568799B60", "versionEndExcluding": "1.32", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p15_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5FD8941-85F8-404B-93A8-3B5A0E0C0A9B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "633B1E00-3D51-427B-B7D5-E8FC1FE94385", "versionEndExcluding": "1.31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "C54E4EC5-68F4-484D-8A1A-607207073291", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68E8C048-B2DE-4167-ABDA-D8B429699A98", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE970F53-856F-4DFF-B845-A8C5A8B14C90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "10470DC0-7CEE-4FFE-BAA1-4CD487C44547", "versionEndExcluding": "1.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_1:-:*:*:*:*:*:*:*", "matchCriteriaId": "C07EE7CC-32C6-4470-8A2C-BF6DF6E6E917", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p1_gen_5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "650AE2F3-EE20-43CE-9F3D-C92A1D096F69", "versionEndExcluding": "1.16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p1_gen_5:-:*:*:*:*:*:*:*", "matchCriteriaId": "58B3E806-E3FD-4D1D-BD7F-61EF2D06942F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p1_gen_4_firmware:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "0C32956E-E9C0-4C0F-BDE2-84470A339ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p1_gen_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "E678F178-9D1D-4BB7-B7E0-77A5E3D7D16E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p1_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "20C276F0-FCA0-46CD-846D-F8E7A45C7B3D", "versionEndExcluding": "1.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p1_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5FCBD54-3BF7-4F72-93B8-7205721E0E9A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "62E72104-535B-4D0F-ABFB-87D0F2725C7E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "77DDB8D3-F2BD-42AB-B927-D38FB54EE902", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E618B394-4324-4F60-A8AD-1826671A796B", "versionEndExcluding": "1.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15:-:*:*:*:*:*:*:*", "matchCriteriaId": "65290880-A7DF-4350-8BBB-8175811EC15E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC59C8BC-31EB-4762-A3F3-3F2CCD0A3910", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CE86BB2-232D-4DD9-9630-EA6517C64EB1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "45080E33-79A4-4F5F-8570-280AEF387445", "versionEndExcluding": "1.20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14:-:*:*:*:*:*:*:*", "matchCriteriaId": "724B10DF-7AA6-4541-A1F4-388E7BEB2319", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nAn SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. \u00a0\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de validaci\u00f3n de entrada del controlador SMI en el BIOS de algunos modelos ThinkPad podr\u00eda permitir que un atacante con acceso local y privilegios elevados ejecute c\u00f3digo arbitrario."}], "id": "CVE-2022-4574", "lastModified": "2024-11-21T07:35:31.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@lenovo.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-30T15:15:40.080", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-106014"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-106014"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "psirt@lenovo.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}