{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4028", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2023-07-31T16:44:11.696Z", "datePublished": "2023-08-17T16:48:06.884Z", "dateUpdated": "2024-10-08T13:50:36.650Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Lenovo Notebook", "vendor": "Lenovo", "versions": [{"status": "affected", "version": "various"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}], "value": "A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-08-17T16:48:06.884Z"}, "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879."}], "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879."}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.498Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "lenovo", "product": "ideapad_flex_5_16iau7", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16iau7:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_16iru8", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16iru8:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "13w_yoga", "cpes": ["cpe:2.3:h:lenovo:13w_yoga:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "82s1", "status": "affected"}, {"version": "82s2", "status": "affected"}]}, {"vendor": "lenovo", "product": "13w_yoga_gen_2", "cpes": ["cpe:2.3:h:lenovo:13w_yoga_gen_2:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "82yr", "status": "affected"}, {"version": "82y2", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_5-14alc05", "cpes": ["cpe:2.3:h:lenovo:ideapad_5-14alc05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_5-15alc05", "cpes": ["cpe:2.3:h:lenovo:ideapad_5-15alc05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-14are05", "cpes": ["cpe:2.3:h:lenovo:flex_5-14are05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-14iil05", "cpes": ["cpe:2.3:h:lenovo:flex_5-14iil05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-14itl05", "cpes": ["cpe:2.3:h:lenovo:flex_5-14itl05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-15alc05", "cpes": ["cpe:2.3:h:lenovo:flex_5-15alc05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-15iil05", "cpes": ["cpe:2.3:h:lenovo:flex_5-15iil05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_5-15itl05", "cpes": ["cpe:2.3:h:lenovo:flex_5-15itl05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_1-11ada05", "cpes": ["cpe:2.3:h:lenovo:ideapad_1-11ada05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_1-11igl05", "cpes": ["cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_1-14ada05", "cpes": ["cpe:2.3:h:lenovo:ideapad_1-14ada05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_1-14igl05", "cpes": ["cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_14abr8", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14abr8:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_14alc7", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14alc7:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_14iau7", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14iau7:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_14iru8", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14iru8:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_16abr8", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16abr8:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "ideapad_flex_5_16alc7", "cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16alc7:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_7_14iau7_firmware", "cpes": ["cpe:2.3:o:lenovo:flex_7_14iau7_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "flex_7_14iru8", "cpes": ["cpe:2.3:h:lenovo:flex_7_14iru8:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_13s_g2_are", "cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g2_are:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_13s_g2_itl", "cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g2_itl:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_13s_g3_acn", "cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g3_acn:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_13s_g4_iap", "cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g4_iap:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_13x_g2_iap", "cpes": ["cpe:2.3:h:lenovo:thinkbook_13x_g2_iap:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "thinkbook_14s_g2_itl", "cpes": ["cpe:2.3:h:lenovo:thinkbook_14s_g2_itl:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "lenovo", "product": "yoga_9-15imh5", "cpes": ["cpe:2.3:h:lenovo:yoga_9-15imh5:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-08T13:16:57.654067Z", "id": "CVE-2023-4028", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T13:50:36.650Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.498Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4028", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-08T13:16:57.654067Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16iau7:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_16iau7", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16iru8:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_16iru8", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:13w_yoga:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "13w_yoga", "versions": [{"status": "affected", "version": "82s1"}, {"status": "affected", "version": "82s2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:13w_yoga_gen_2:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "13w_yoga_gen_2", "versions": [{"status": "affected", "version": "82yr"}, {"status": "affected", "version": "82y2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_5-14alc05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_5-14alc05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_5-15alc05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_5-15alc05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-14are05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-14are05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-14iil05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-14iil05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-14itl05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-14itl05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-15alc05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-15alc05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-15iil05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-15iil05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_5-15itl05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_5-15itl05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_1-11ada05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_1-11ada05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_1-11igl05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_1-14ada05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_1-14ada05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_1-14igl05", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14abr8:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_14abr8", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14alc7:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_14alc7", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14iau7:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_14iau7", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_14iru8:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_14iru8", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16abr8:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_16abr8", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:ideapad_flex_5_16alc7:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "ideapad_flex_5_16alc7", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:lenovo:flex_7_14iau7_firmware:*:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_7_14iau7_firmware", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:flex_7_14iru8:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "flex_7_14iru8", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g2_are:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_13s_g2_are", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g2_itl:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_13s_g2_itl", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g3_acn:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_13s_g3_acn", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_13s_g4_iap:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_13s_g4_iap", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_13x_g2_iap:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_13x_g2_iap", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:thinkbook_14s_g2_itl:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkbook_14s_g2_itl", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:lenovo:yoga_9-15imh5:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "yoga_9-15imh5", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T13:37:37.127Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Lenovo", "product": "Lenovo Notebook", "versions": [{"status": "affected", "version": "various"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879.", "supportingMedia": [{"type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879.", "base64": false}]}], "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.", "supportingMedia": [{"type": "text/html", "value": "A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-08-17T16:48:06.884Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4028", "state": "PUBLISHED", "dateUpdated": "2024-10-08T13:50:36.650Z", "dateReserved": "2023-07-31T16:44:11.696Z", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "datePublished": "2023-08-17T16:48:06.884Z", "assignerShortName": "lenovo"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:13w_yoga_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF7BF123-9EBB-4CEE-85DC-37301245397C", "versionEndExcluding": "jacn38ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:13w_yoga:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0C79699-F690-4A4D-80E5-408CE4A214AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:13w_yoga_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "711FF6F4-24F9-47DE-A1CC-1EC5487C6FE5", "versionEndExcluding": "kbcn20ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:13w_yoga_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3AC338E-5E5F-4CCD-86EF-3995BA401703", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_1-11ada05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AADF8DBE-D68A-4C58-A531-0CA241A10E46", "versionEndExcluding": "fqcn29ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_1-11ada05:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7C32B51-6F03-4568-BCDF-D59867AC4723", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_1-11igl05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F142589-62C9-4FE3-BE45-92DB86551EBE", "versionEndExcluding": "dwcn28ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AC62EEC-713B-4559-8AB7-0B2B0F4D84F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_1-14ada05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AD7471F-965D-4C4F-8F77-B8E1FE182B0F", "versionEndExcluding": "fqcn29ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_1-14ada05:-:*:*:*:*:*:*:*", "matchCriteriaId": "41F01C73-2B64-47E4-8A04-27426CCCEFE9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_1-14igl05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9527B25-661A-4F69-9ADF-5465E42FF49F", "versionEndExcluding": "dwcn28ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*", "matchCriteriaId": "076B2AA1-ED0B-47B3-B6E2-FFEBB21220AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-14alc05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2F821DB-0EB6-477A-BFB2-86B794A2E623", "versionEndExcluding": "gjcn32ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-14alc05:-:*:*:*:*:*:*:*", "matchCriteriaId": "58A5B398-8997-4023-9555-C9FB301B2053", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-14are05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6C77E5D-E758-4FFD-A07A-F1B65B0569D8", "versionEndExcluding": "eecn43ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-14are05:-:*:*:*:*:*:*:*", "matchCriteriaId": "6307A1E8-45B4-483C-B13D-F6F25F504D21", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-14iil05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C192437-50B9-48BC-9665-E55F7B62A9A5", "versionEndExcluding": "eccn45ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-14iil05:-:*:*:*:*:*:*:*", "matchCriteriaId": "395BCDC7-B5C3-4FB7-96BD-849572AB50DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-14itl05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F3FBB00-C47E-4B60-85F4-8EB10B50A2E3", "versionEndExcluding": "fxcn44ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-14itl05:-:*:*:*:*:*:*:*", "matchCriteriaId": "941A9478-5A03-46FC-888A-EF75DDCB234A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-15alc05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D411211-70B6-41B1-99FE-1E6BC6B4B03E", "versionEndExcluding": "gjcn32ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-15alc05:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3779495-A1FA-4589-AADA-C52E56C8B3E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-15iil05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "591BC6F7-4E26-4E24-B630-48AB78A3A7F3", "versionEndExcluding": "eccn45ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-15iil05:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E8D5080-1656-4587-AFEA-C6A438987DAE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_5-15itl05_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4680E2A9-4684-4C7A-8125-D7938C77A3F7", "versionEndExcluding": "fxcn44ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_5-15itl05:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC0C9D69-BF79-44AA-955B-8EE202B03114", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_14abr8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F78333EB-CBB7-40B7-A96F-B082A08CAB31", "versionEndExcluding": "l7cn17ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_14abr8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F725EAD-9C36-44E0-826A-5D369881539C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_14alc7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "395914E6-629A-4CE4-80D1-DF9D7482F184", "versionEndExcluding": "jccn35ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_14alc7:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC57D455-CC71-48E0-9A3E-66FAFB562A13", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_14iau7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F994F689-45A6-4F0D-8725-AEF47AEDA3CB", "versionEndExcluding": "j7cn44ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_14iau7:-:*:*:*:*:*:*:*", "matchCriteriaId": "7727853D-2594-418A-8389-4279089C34ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_14iru8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B4A75D6-2A02-467E-9080-F0EF2C2117B6", "versionEndExcluding": "l6cn20ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_14iru8:-:*:*:*:*:*:*:*", "matchCriteriaId": "829A56C6-D4C8-4A0A-B77B-A63A9050EC46", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_16abr8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "09233791-014F-40AD-8631-44F7D4B63E7B", "versionEndExcluding": "l7cn17ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_16abr8:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7F2D28D-9343-40A7-8379-F7269EAFCF07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_16alc7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "147D0422-1667-4102-B0FB-D6936CBB8622", "versionEndExcluding": "jccn35ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_16alc7:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BB069F7-190E-4CD9-9300-CE34E5C94880", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_16iau7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B0A754B-7F45-4E18-AE1B-BBC179B5FAC2", "versionEndExcluding": "j7cn44ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_16iau7:-:*:*:*:*:*:*:*", "matchCriteriaId": "10E4E147-6A1D-490B-8DE5-095923A31AE5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_16iru8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "30CB6C0E-6DCC-4F3A-89AA-24C8B7350112", "versionEndExcluding": "l6cn20ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_16iru8:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DEC6EDF-B1C2-40AB-AD03-3E8422A4DAC4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:flex_7_14iru8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E62C036-B9CB-46B6-A518-5D989791343C", "versionEndExcluding": "l6cn20ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:flex_7_14iru8:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ABEFEF0-03CC-48EA-84F8-608344B826E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g2_are_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C957B5AB-B74C-4330-88EE-10379146E2E8", "versionEndExcluding": "fvcn28ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g2_are:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF07F8EA-8901-49AD-B001-D2FA4C2347F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g2_itl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56E26764-6660-4E85-A1B6-4A2CA4850DCD", "versionEndExcluding": "f9cn57ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g2_itl:-:*:*:*:*:*:*:*", "matchCriteriaId": "402E5B1C-7786-4102-9844-6FFB9D810204", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g3_acn_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC16E24A-948B-4027-93DE-A90306A7D98A", "versionEndExcluding": "gmcn35ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g3_acn:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8F67521-7E7E-4B90-886B-EE54B8D1A5D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g4_iap_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D700597B-1DBB-446A-95B3-086BEBAD12EC", "versionEndExcluding": "hwcn49ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g4_iap:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A20DC2B-4B76-47C3-B0AC-77FC7F49305C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13x_g2_iap_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6DFAC97-DB42-44AE-8FC6-45F06B6FA64A", "versionEndExcluding": "hxcn54ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13x_g2_iap:-:*:*:*:*:*:*:*", "matchCriteriaId": "51285D29-591D-471B-B63B-18C19B5B82DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_14s_g2_itl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBBCC13F-4D16-4768-AAB5-EE2F061610DF", "versionEndExcluding": "f9cn57ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_14s_g2_itl:-:*:*:*:*:*:*:*", "matchCriteriaId": "463EB277-DEF6-4FE3-A07D-6F373C040EFE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_9-15imh5_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5488AD2D-DB5E-4205-8124-5F1BEE20BBE6", "versionEndExcluding": "epcn32ww", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_9-15imh5:-:*:*:*:*:*:*:*", "matchCriteriaId": "351885D4-6E5E-4224-A967-68E6338FBA23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}, {"lang": "es", "value": "Se ha identificado un desbordamiento de b\u00fafer en el controlador SystemUserMasterHddPwdDxe de algunos productos port\u00e1tiles de Lenovo que puede permitir a un atacante con acceso local y privilegios elevados ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2023-4028", "lastModified": "2024-11-21T08:34:15.500", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@lenovo.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-17T17:15:10.217", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "psirt@lenovo.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}