CVE-2022-3431
Summary
| CVE | CVE-2022-3431 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-10-09 19:15:00 UTC |
| Updated | 2023-10-14 02:23:00 UTC |
| Description | A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. |
Risk And Classification
Problem Types: CWE-276
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Lenovo | D330-10igl | - | All | All | All |
| Operating System | Lenovo | D330-10igl Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad 5 Pro-16ach6 | - | All | All | All |
| Operating System | Lenovo | Ideapad 5 Pro-16ach6 Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad 5 Pro-16ihu6 | - | All | All | All |
| Operating System | Lenovo | Ideapad 5 Pro-16ihu6 Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad 5 Pro 16arh7 | - | All | All | All |
| Operating System | Lenovo | Ideapad 5 Pro 16arh7 Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad Creator 5-16ach6 | - | All | All | All |
| Operating System | Lenovo | Ideapad Creator 5-16ach6 Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad Duet 3 10igl5 | - | All | All | All |
| Operating System | Lenovo | Ideapad Duet 3 10igl5 Firmware | All | All | All | All |
| Hardware | Lenovo | Ideapad Slim 7 Pro 16ach6 | - | All | All | All |
| Operating System | Lenovo | Ideapad Slim 7 Pro 16ach6 Firmware | All | All | All | All |
| Hardware | Lenovo | S540-15iml | - | All | All | All |
| Operating System | Lenovo | S540-15iml Firmware | All | All | All | All |
| Hardware | Lenovo | Slim 7 16arh7 | - | All | All | All |
| Operating System | Lenovo | Slim 7 16arh7 Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 13x Itg | - | All | All | All |
| Operating System | Lenovo | Thinkbook 13x Itg Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 14 G4 Ara | - | All | All | All |
| Operating System | Lenovo | Thinkbook 14 G4 Ara Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 14 G4 Iap | - | All | All | All |
| Operating System | Lenovo | Thinkbook 14 G4 Iap Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 16p Nx Arh | - | All | All | All |
| Operating System | Lenovo | Thinkbook 16p Nx Arh Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 16 G4 Ara | - | All | All | All |
| Operating System | Lenovo | Thinkbook 16 G4 Ara Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook 16 G4 Iap | - | All | All | All |
| Operating System | Lenovo | Thinkbook 16 G4 Iap Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook Plus G2 Itg | - | All | All | All |
| Operating System | Lenovo | Thinkbook Plus G2 Itg Firmware | All | All | All | All |
| Hardware | Lenovo | Thinkbook Plus G3 Iap | - | All | All | All |
| Operating System | Lenovo | Thinkbook Plus G3 Iap Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Duet 7-13iml05 | - | All | All | All |
| Operating System | Lenovo | Yoga Duet 7-13iml05 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Duet 7-13itl6 | - | All | All | All |
| Hardware | Lenovo | Yoga Duet 7-13itl6-lte | - | All | All | All |
| Operating System | Lenovo | Yoga Duet 7-13itl6-lte Firmware | All | All | All | All |
| Operating System | Lenovo | Yoga Duet 7-13itl6 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Slim 7-13acn05 | - | All | All | All |
| Operating System | Lenovo | Yoga Slim 7-13acn05 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Slim 7-13itl05 | - | All | All | All |
| Operating System | Lenovo | Yoga Slim 7-13itl05 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Slim 7 Carbon 13itl5 | - | All | All | All |
| Operating System | Lenovo | Yoga Slim 7 Carbon 13itl5 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Slim 7 Pro 16ach6 | - | All | All | All |
| Operating System | Lenovo | Yoga Slim 7 Pro 16ach6 Firmware | All | All | All | All |
| Hardware | Lenovo | Yoga Slim 7 Pro 16arh7 | - | All | All | All |
| Operating System | Lenovo | Yoga Slim 7 Pro 16arh7 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US | MISC | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.