{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro_16iah7h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "84BE954E-53C8-4E3C-994E-09CB17804CF1", "versionEndExcluding": "j2cn51ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro_16iah7h:-:*:*:*:*:*:*:*", "matchCriteriaId": "B59F8108-1800-4D97-B87C-BC4C9BE8EF22", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro_16iah7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "02B84599-B569-45A1-A74F-F28D6E27156A", "versionEndExcluding": "j2cn51ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro_16iah7:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D622CB4-ACA0-4F74-8FB3-EB24C7E9E8FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro_16arh7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FB545B3-D5C6-4A42-937F-2C6F39AA7979", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro_16arh7:-:*:*:*:*:*:*:*", "matchCriteriaId": "86F284A9-C470-4C0F-826E-B568BB016FE5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro_16arh7h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "953E0801-F793-4128-AC27-8BED0CDB8822", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro_16arh7h:-:*:*:*:*:*:*:*", "matchCriteriaId": "78CF7C68-12A3-4576-AB50-5EEF5F473647", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_15arh7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD00E031-EB65-4654-85FD-86B75CB50578", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_15arh7:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C2A88F4-E64A-403F-9463-F983706349F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_15arh7h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "332CFEAC-DDDF-4243-8294-75FE1C666502", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_15arh7h:-:*:*:*:*:*:*:*", "matchCriteriaId": "80DE4AC3-CEB5-46BC-A57E-71AD0791B210", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_15iah7h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1608435-774B-4D12-80A7-37902B865B95", "versionEndExcluding": "j2cn51ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_15iah7h:-:*:*:*:*:*:*:*", "matchCriteriaId": "730A3994-B427-41F4-9B55-7A19B02D7D05", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_15iah7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4134B6C7-1788-4F3B-907B-9BC9047F34A3", "versionEndExcluding": "j2cn51ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_15iah7:-:*:*:*:*:*:*:*", "matchCriteriaId": "21B5AB40-6996-4B3E-A398-7EB00540CA12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro-16ach6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBC42FD2-6201-4FD5-914A-CED102E1EC8F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro-16ach6:-:*:*:*:*:*:*:*", "matchCriteriaId": "804B9658-D98F-4916-9BEB-ECEB65FB9299", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro-16ach6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "20D56841-98A8-4A3A-BA8C-3E1173194DF0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro-16ach6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "B807EDC0-33D8-45B3-8222-FA1BEC9A364C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro-16ith6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C460CAA-7A08-441F-9893-70ED49886586", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro-16ith6:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EF9AD51-B1FB-4268-8A5F-88E2F865CB03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5_pro-16ith6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "C774D1F4-21AE-4DB6-BA9B-5ADB12243F69", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5_pro-16ith6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F1FEB10-98BA-4A30-BBE2-E8F0EE19DD13", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-15ach6:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D3F9A72-5090-4404-9EDD-4D231BC4B3E4", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-15ach6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB1CA03C-D44E-4772-AB64-08F3CBB90662", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-15ach6a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C917848-0C53-47E1-96CB-961F9572C80E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-15ach6a:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF1C7BEC-3D10-409F-BE9C-518F56CF8CBD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-15ach6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "35CE8B9D-665B-4E71-8668-9BD5C73BF6D5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-15ach6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "7283601E-921A-4464-BAFD-E40949E5B80C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-15ith6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "63DE1B40-B681-4232-B405-405F2DED0906", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-15ith6:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0F530B9-ADD6-4D3B-BD1C-F096F4190A24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-15ith6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "69E8D8F7-3EA1-4790-BF25-2969F3CCD1CD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-15ith6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "55311365-0528-4184-ABB3-0A559F8E0445", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-17ach6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC3BF7DC-C206-430E-88A2-29957A971568", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-17ach6:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AC212DD-2113-4528-AE36-D5AECD09FDB5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-17ach6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7378B2A0-7EDF-4DA5-AE85-19C91FF2C6FC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-17ach6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB916025-A683-4490-B603-E6AD8C8129C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-17ith6:-:*:*:*:*:*:*:*", "matchCriteriaId": "14A431AF-D226-4F2B-AFE7-429DB3482B6C", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-17ith6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A0BAC22-9D3D-46CB-BCB1-8E9794E004A2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_5-17ith6h:-:*:*:*:*:*:*:*", "matchCriteriaId": "C592AD52-A6D5-4068-8A41-C8E574DF75C1", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_5-17ith6h_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D97F024-4601-45C3-B9FF-E8BE15FA1980", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_7-16arha7:-:*:*:*:*:*:*:*", "matchCriteriaId": "B69A8739-73C3-41E8-9756-8A5F45942FFC", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_7-16arha7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "17E617DB-8B60-4B05-BC6F-7EA8263B41F7", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_7-16achg6:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA8A2D4F-2F0F-4BCB-BFE0-3C841D6E0BB6", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_7-16achg6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2505F3C7-E4F3-4C9B-B055-62B989581694", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_7-16ithg6:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F72E97F-3218-4078-A2DF-05F550DDC38F", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_7-16ithg6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "48B549CF-3DB5-4CBF-8B0B-6B9FA6EF9E37", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_pro_5_16irx8:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E6E780F-C3C0-4994-BD3B-1A20996D27E5", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_pro_5_16irx8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F43EF08-F5E6-459D-AC17-E2B467314F65", "versionEndExcluding": "kwcn37ww", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_pro_7_16irx8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D91BF02E-2366-4777-AB92-F25840481413", "versionEndExcluding": "kwcn37ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_pro_7_16irx8:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF1091A6-A1AE-41B5-AEE2-792E139FB4AD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_pro_7_16irx8h_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "476C2A5F-3EC1-4D07-8EFA-08A4A84768CF", "versionEndExcluding": "kwcn37ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_pro_7_16irx8h:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF9DC2A2-7EF0-4CEF-AF72-D4A58EAB4EDA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:legion_s7_16arha7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1F3D33D-1B3C-4197-BF38-B9F57B7A8989", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:legion_s7_16arha7:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0B5D0F7-7B62-4DBC-9D4D-4C9B0AD1AC9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_16p_g3_arh_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5864341D-9466-4D7C-8128-47A5D82D398C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_16p_g3_arh:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE380D01-6675-4701-A747-B27067866EB1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_15p_g2_ith_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "520DB9D8-56F3-4053-8D8A-D9F90B217013", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_15p_g2_ith:-:*:*:*:*:*:*:*", "matchCriteriaId": "C46BFBA6-3285-4330-9190-8CC267DB4270", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}, {"lang": "es", "value": "Se ha identificado un desbordamiento de b\u00fafer en el controlador SetupUtility de algunos productos port\u00e1tiles de Lenovo los cuales podr\u00edan permitir a un atacante con acceso local y privilegios elevados ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2023-34419", "lastModified": "2023-08-24T17:08:12.103", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@lenovo.com", "type": "Secondary"}]}, "published": "2023-08-17T17:15:09.913", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "psirt@lenovo.com", "type": "Primary"}]}