CVE-2022-48188

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2022-48188
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2023-06-05 22:15:00 UTC
Updated2023-06-13 21:19:00 UTC
DescriptionA buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Lenovo Ideacentre 510s-07icb - All All All
Operating System Lenovo Ideacentre 510s-07icb Firmware All All All All
Hardware Lenovo Ideacentre 510s-07ick - All All All
Operating System Lenovo Ideacentre 510s-07ick Firmware All All All All
Hardware Lenovo Ideacentre 720-18apr - All All All
Operating System Lenovo Ideacentre 720-18apr Firmware All All All All
Hardware Lenovo Ideacentre Aio 3-22itl6 - All All All
Operating System Lenovo Ideacentre Aio 3-22itl6 Firmware All All All All
Hardware Lenovo Ideacentre Aio 3-24itl6 - All All All
Operating System Lenovo Ideacentre Aio 3-24itl6 Firmware All All All All
Hardware Lenovo Ideacentre Aio 3-27itl6 - All All All
Operating System Lenovo Ideacentre Aio 3-27itl6 Firmware All All All All
Hardware Lenovo Ideacentre Aio 3 21itl7 - All All All
Operating System Lenovo Ideacentre Aio 3 21itl7 Firmware All All All All
Hardware Lenovo Thinkcentre M720e - All All All
Operating System Lenovo Thinkcentre M720e Firmware All All All All
Hardware Lenovo Thinkcentre M720q - All All All
Operating System Lenovo Thinkcentre M720q Firmware All All All All
Hardware Lenovo Thinkcentre M720s - All All All
Operating System Lenovo Thinkcentre M720s Firmware All All All All
Hardware Lenovo Thinkcentre M720t - All All All
Operating System Lenovo Thinkcentre M720t Firmware All All All All
Hardware Lenovo Thinkcentre M725s - All All All
Operating System Lenovo Thinkcentre M725s Firmware All All All All
Hardware Lenovo Thinkcentre M75s Gen 2 - All All All
Operating System Lenovo Thinkcentre M75s Gen 2 Firmware All All All All
Hardware Lenovo Thinkcentre M75t Gen 2 - All All All
Operating System Lenovo Thinkcentre M75t Gen 2 Firmware All All All All
Hardware Lenovo Thinkcentre M920q - All All All
Operating System Lenovo Thinkcentre M920q Firmware All All All All
Hardware Lenovo Thinkcentre M920s - All All All
Operating System Lenovo Thinkcentre M920s Firmware All All All All
Hardware Lenovo Thinkcentre M920t - All All All
Operating System Lenovo Thinkcentre M920t Firmware All All All All
Hardware Lenovo Thinkcentre M920x - All All All
Operating System Lenovo Thinkcentre M920x Firmware All All All All
Hardware Lenovo Thinkcentre M920z - All All All
Operating System Lenovo Thinkcentre M920z Firmware All All All All
Hardware Lenovo Thinkstation P330 Tiny - All All All
Operating System Lenovo Thinkstation P330 Tiny Firmware All All All All
Hardware Lenovo Thinkstation P360 Ultra - All All All
Operating System Lenovo Thinkstation P360 Ultra Firmware All All All All
Hardware Lenovo Thinkstation P520 - All All All
Hardware Lenovo Thinkstation P520c - All All All
Operating System Lenovo Thinkstation P520c Firmware All All All All
Operating System Lenovo Thinkstation P520 Firmware All All All All
Hardware Lenovo V30a-22itl - All All All
Operating System Lenovo V30a-22itl Firmware All All All All
Hardware Lenovo V30a-24itl - All All All
Operating System Lenovo V30a-24itl Firmware All All All All
Hardware Lenovo V530s-07icb - All All All
Operating System Lenovo V530s-07icb Firmware All All All All
Hardware Lenovo V530s-07icr - All All All
Operating System Lenovo V530s-07icr Firmware All All All All

References

ReferenceSourceLinkTags
Multi-vendor BIOS Security Vulnerabilities (May 2023) - Lenovo Support US MISC support.lenovo.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report