CVE-2023-34419
Summary
| CVE | CVE-2023-34419 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-08-17 17:15:00 UTC |
| Updated | 2023-08-24 17:08:00 UTC |
| Description | A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. |
Risk And Classification
Problem Types: CWE-120
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Lenovo | Legion 5-15ach6 | - | All | All | All |
| Hardware | Lenovo | Legion 5-15ach6a | - | All | All | All |
| Operating System | Lenovo | Legion 5-15ach6a Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5-15ach6h | - | All | All | All |
| Operating System | Lenovo | Legion 5-15ach6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5-15ach6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5-15ith6 | - | All | All | All |
| Hardware | Lenovo | Legion 5-15ith6h | - | All | All | All |
| Operating System | Lenovo | Legion 5-15ith6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5-15ith6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5-17ach6 | - | All | All | All |
| Hardware | Lenovo | Legion 5-17ach6h | - | All | All | All |
| Operating System | Lenovo | Legion 5-17ach6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5-17ach6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5-17ith6 | - | All | All | All |
| Hardware | Lenovo | Legion 5-17ith6h | - | All | All | All |
| Operating System | Lenovo | Legion 5-17ith6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5-17ith6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5 15arh7 | - | All | All | All |
| Hardware | Lenovo | Legion 5 15arh7h | - | All | All | All |
| Operating System | Lenovo | Legion 5 15arh7h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5 15arh7 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5 15iah7 | - | All | All | All |
| Hardware | Lenovo | Legion 5 15iah7h | - | All | All | All |
| Operating System | Lenovo | Legion 5 15iah7h Firmware | All | All | All | All |
| Operating System | Lenovo | Legion 5 15iah7 Firmware | All | All | All | All |
| Hardware | Lenovo | Legion 5 Pro-16ach6 | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro-16ach6h | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro-16ach6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro-16ach6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro-16ith6 | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro-16ith6h | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro-16ith6h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro-16ith6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro 16arh7 | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro 16arh7h | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro 16arh7h Firmware | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro 16arh7 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro 16iah7 | - | All | All | All |
| Hardware | Lenovo | Legion 5 Pro 16iah7h | - | All | All | All |
| Operating System | Lenovo | Legion 5 Pro 16iah7h Firmware | All | All | All | All |
| Operating System | Lenovo | Legion 5 Pro 16iah7 Firmware | All | All | All | All |
| Hardware | Lenovo | Legion 7-16achg6 | - | All | All | All |
| Operating System | Lenovo | Legion 7-16achg6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 7-16arha7 | - | All | All | All |
| Operating System | Lenovo | Legion 7-16arha7 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion 7-16ithg6 | - | All | All | All |
| Operating System | Lenovo | Legion 7-16ithg6 Firmware | - | All | All | All |
| Hardware | Lenovo | Legion Pro 5 16irx8 | - | All | All | All |
| Operating System | Lenovo | Legion Pro 5 16irx8 Firmware | All | All | All | All |
| Hardware | Lenovo | Legion Pro 7 16irx8 | - | All | All | All |
| Hardware | Lenovo | Legion Pro 7 16irx8h | - | All | All | All |
| Operating System | Lenovo | Legion Pro 7 16irx8h Firmware | All | All | All | All |
| Operating System | Lenovo | Legion Pro 7 16irx8 Firmware | All | All | All | All |
| Hardware | Lenovo | Legion S7 16arha7 | - | All | All | All |
| Operating System | Lenovo | Legion S7 16arha7 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkbook 15p G2 Ith | - | All | All | All |
| Operating System | Lenovo | Thinkbook 15p G2 Ith Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkbook 16p G3 Arh | - | All | All | All |
| Operating System | Lenovo | Thinkbook 16p G3 Arh Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Multi-vendor BIOS Security Vulnerabilities (August 2023) - Lenovo Support US | MISC | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.