CVE-2022-1107
Summary
| CVE | CVE-2022-1107 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-22 21:15:00 UTC |
| Updated | 2022-05-12 13:42:00 UTC |
| Description | During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code. |
Risk And Classification
Problem Types: CWE-20 | CWE-269
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Lenovo | Thinkpad 11e | - | All | All | All |
| Operating System | Lenovo | Thinkpad 11e Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad 11e Yoga | - | All | All | All |
| Operating System | Lenovo | Thinkpad 11e Yoga Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad Helix | - | All | All | All |
| Operating System | Lenovo | Thinkpad Helix Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad L560 | - | All | All | All |
| Operating System | Lenovo | Thinkpad L560 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad L570 | - | All | All | All |
| Operating System | Lenovo | Thinkpad L570 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad P50s | - | All | All | All |
| Operating System | Lenovo | Thinkpad P50s Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad P51s | - | All | All | All |
| Operating System | Lenovo | Thinkpad P51s Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad P52s | - | All | All | All |
| Operating System | Lenovo | Thinkpad P52s Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad S540 | - | All | All | All |
| Operating System | Lenovo | Thinkpad S540 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad T550 | - | All | All | All |
| Operating System | Lenovo | Thinkpad T550 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad T560 | - | All | All | All |
| Operating System | Lenovo | Thinkpad T560 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad T570 | - | All | All | All |
| Operating System | Lenovo | Thinkpad T570 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad T580 | - | All | All | All |
| Operating System | Lenovo | Thinkpad T580 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad W540 | - | All | All | All |
| Operating System | Lenovo | Thinkpad W540 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad W541 | - | All | All | All |
| Operating System | Lenovo | Thinkpad W541 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad W550s | - | All | All | All |
| Operating System | Lenovo | Thinkpad W550s Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Carbon 3rd Gen | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Carbon 3rd Gen Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Carbon 4th Gen | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Carbon 4th Gen Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Carbon 5th Gen Kabylake | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Carbon 5th Gen Kabylake Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Carbon 5th Gen Skylake | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Carbon 5th Gen Skylake Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Tablet Gen 1 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Tablet Gen 1 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Tablet Gen 2 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Tablet Gen 2 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Yoga | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Yoga Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Yoga Gen 2 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Yoga Gen 2 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X1 Yoga Gen 3 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X1 Yoga Gen 3 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X250 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X250 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X280 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X280 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad X390 | - | All | All | All |
| Operating System | Lenovo | Thinkpad X390 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad Yoga 15 | - | All | All | All |
| Operating System | Lenovo | Thinkpad Yoga 15 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkpad Yoga 260 | - | All | All | All |
| Operating System | Lenovo | Thinkpad Yoga 260 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ThinkPad BIOS Vulnerabilities - Lenovo Support NL | MISC | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.