{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4029", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2023-07-31T16:48:52.842Z", "datePublished": "2023-08-17T16:48:24.711Z", "dateUpdated": "2024-10-08T13:16:40.566Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ThinkPad", "vendor": "Lenovo", "versions": [{"status": "affected", "version": "various"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}], "value": "A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-08-17T16:48:24.711Z"}, "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879."}], "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879."}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.608Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "lenovo", "product": "thinkpad", "cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-08T13:13:15.422315Z", "id": "CVE-2023-4029", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T13:16:40.566Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.608Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4029", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-08T13:13:15.422315Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:lenovo:thinkpad:-:*:*:*:*:*:*:*"], "vendor": "lenovo", "product": "thinkpad", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T13:16:36.790Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Lenovo", "product": "ThinkPad", "versions": [{"status": "affected", "version": "various"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879.", "supportingMedia": [{"type": "text/html", "value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-134879.", "base64": false}]}], "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.", "supportingMedia": [{"type": "text/html", "value": "A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2023-08-17T16:48:24.711Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4029", "state": "PUBLISHED", "dateUpdated": "2024-10-08T13:16:40.566Z", "dateReserved": "2023-07-31T16:48:52.842Z", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "datePublished": "2023-08-17T16:48:24.711Z", "assignerShortName": "lenovo"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:k14_type_21cu_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A65A5F7-EB4D-4B56-AC90-4B803D732688", "versionEndExcluding": "1.12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:k14_type_21cu:-:*:*:*:*:*:*:*", "matchCriteriaId": "E420E364-555D-4E43-9102-A3F1F8994547", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:k14_type_21cv_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FE0ACE3-E020-421F-9AB4-7C50B0232BE0", "versionEndExcluding": "1.12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:k14_type_21cv:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FE21ABB-B0E2-4E2E-AD06-46E71DD82C4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E04588B5-4D04-46C2-9AF8-B5DDC8F345D9", "versionEndExcluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DA25359-AE51-45EA-8507-40953790E04E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_e14_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9382214-2C46-46D0-AA8E-4A3DF9B46356", "versionEndExcluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_e14_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "66ABF1A9-495C-49BE-B7C1-2E7D4AAE7C59", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_e15_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A78B91F-AFCE-4A04-A424-C47E2373A060", "versionEndExcluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_e15_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "568603E1-E38F-42D0-8AE0-AE11951852E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "80DDA5A0-6D71-4F85-870E-2B3D62320150", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E560943-6A00-4423-91F3-FBBBBB978F6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A6606CF-CCC8-4061-A989-3519EEA48E4C", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D6D51EE-16C2-4090-8872-E69E55D5D4A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DBCE89B-52BE-474F-AF10-ABA25A2E7017", "versionEndExcluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D5606FE-0787-44AD-97B8-AAB560056ED5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1400DD3A-39C1-4C9E-BAC7-FB1588F9FFB9", "versionEndExcluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D619CDB5-510B-443F-8772-CB09DD68190D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "25BA3447-9D13-4F7D-BA5B-8C90BE816007", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CB43443-ED65-4CF5-8FDA-3BCC1E2BD5A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DA62157-F2A9-4868-B7BA-C15BD4EAFD77", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B43B845-C95E-47DF-8AEB-7ADB650A5425", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7148FAD4-4CE0-432E-AFFE-1BB586259F6E", "versionEndExcluding": "1.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CE86BB2-232D-4DD9-9630-EA6517C64EB1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9C3B900-6538-4D4D-A3E6-E216238AC569", "versionEndExcluding": "1.23", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "E774C0D8-4712-414D-B9B9-214AAC710B63", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2ED041C6-C651-487B-B674-30FB3049579A", "versionEndExcluding": "1.06", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "181D4876-394F-4FE0-91B8-16267F987D18", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBEBF813-4B39-4ACA-B100-058BB06BCCB6", "versionEndExcluding": "1.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "77DDB8D3-F2BD-42AB-B927-D38FB54EE902", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "67569E35-EBF9-4EC0-A6D4-35BC80424093", "versionEndExcluding": "1.23", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_3:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4ACCDD8-A4F5-4805-91FC-4464A1FB46BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A18F11AF-603F-43C6-812A-BC18244E0BBC", "versionEndExcluding": "1.06", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED6441F-C705-40D0-9FDF-7471955D6610", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F539C7D-8069-4609-AFB6-1417C78C12DB", "versionEndExcluding": "1.34", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE970F53-856F-4DFF-B845-A8C5A8B14C90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A389BD6-0D8A-46C4-8735-25A374853ABC", "versionEndExcluding": "1.34", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD6A601D-0427-453F-B4A8-4EB9C18A58C6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DF019E0-F79F-49BA-9EB6-FA947FE26B0A", "versionEndExcluding": "1.37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "49AE9591-00C0-4136-9355-8BD5648E29A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "61A133FE-674D-40B3-80F6-BF24D27ECC31", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_6:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF3A2ACE-E9E9-4A93-9543-044096A8BAFE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E54C81E5-0CB5-4EA8-9F33-37C376BE139C", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D03A821-532F-4951-8BD5-A3C3B3F60DD3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "188634AD-EC8F-4780-A6D3-CF3E7F6DA862", "versionEndExcluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_8:-:*:*:*:*:*:*:*", "matchCriteriaId": "826861DB-719A-40DE-B813-CE51EDEC84D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AC6F8FA-1FA0-49CF-BD73-052501D5A4B0", "versionEndExcluding": "1.30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B2279C8-0F44-4CA3-9AED-F31E3C3327D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B01C37DE-CD3B-41B1-AD51-9A50756895AC", "versionEndExcluding": "1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1040935-6004-4539-992A-FCDDC84333B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "124BEE07-D47F-4503-871A-EB85495BD6F9", "versionEndExcluding": "1.37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2C06223-3F58-4765-B9F4-BD56F89EA0A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code."}, {"lang": "es", "value": "Se ha identificado un desbordamiento de b\u00fafer en el controlador BoardUpdateAcpiDxe de algunos productos ThinkPad de Lenovo que puede permitir a un atacante con acceso local y privilegios elevados ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2023-4029", "lastModified": "2024-11-21T08:34:15.683", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@lenovo.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-17T17:15:10.313", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-134879"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "psirt@lenovo.com", "type": "Secondary"}]}

{}

{}