CVE-2025-10238

Summary

CVE: CVE-2025-10238
State: PUBLISHED
Assigner: lenovo
Source Priority: CVE Program / NVD first with legacy fallback
Published: 2026-06-10 15:16:31 UTC
Updated: 2026-06-10 19:43:28 UTC
Description: During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products that could allow a privileged local user to execute code in System Management Mode (SMM).

Risk And Classification

Primary CVSS: v4.0 8.4 HIGH from [email protected]

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS: 0.000140000 probability, percentile 0.025700000 (date 2026-06-12)

Problem Types: CWE-787: Out-of-bounds Write


| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 8.4 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | CVSS | 8.4 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| 3.1 | [email protected] | Primary | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | CNA | CVSS | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |

CVSS v4.0 Breakdown

Attack Vector: Local
Attack Complexity: Low
Attack Requirements: None
Privileges Required: High
User Interaction: None
Confidentiality: High
Integrity: High
Availability: High
Sub Conf.: None
Sub Integrity: None
Sub Availability: None

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS v3.1 Breakdown

Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vendor Declared Affected Products

| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Lenovo | X13 Gen 6 Type 21RK 21RL Laptops ThinkPad BIOS | affected 1.12 custom | Not specified |
| CNA | Lenovo | X1 Carbon 13th Gen Type 21NX 21NY Laptops ThinkPad BIOS | affected 1.15 custom | Not specified |
| CNA | Lenovo | P16v Gen 3 Type 21RS 21RT Laptop ThinkPad BIOS | affected BIOS: 1.13 / ECFW: 1.09 custom | Not specified |
| CNA | Lenovo | L16 Gen 1 Type 21L7 21L8 Laptops ThinkPad BIOS | affected 1.40 custom | Not specified |
| CNA | Lenovo | T14s Gen 6 Type 21TB 21TC Laptops ThinkPad BIOS | affected 1.11 custom | Not specified |
| CNA | Lenovo | P14s Gen 6 Type 21QT 21QU Laptops ThinkPad BIOS | affected UEFI BIOS V1.22/ECP V1.13 custom | Not specified |
| CNA | Lenovo | L13 Gen 6 Type 21RB 21RC Laptops ThinkPad BIOS | affected 1.15 custom | Not specified |
| CNA | Lenovo | L14 Gen 6 Type 21SE 21SF Laptops ThinkPad BIOS | affected 1.14 custom | Not specified |
| CNA | Lenovo | E16 Gen 3 Type 22AY 22B0 Laptop ThinkPad BIOS | affected 1.38 custom | Not specified |
| CNA | Lenovo | L16 Gen 2 Type 21SC 21SD Laptops ThinkPad BIOS | affected 1.13 custom | Not specified |
| CNA | Lenovo | X13 Gen 6 Type 21RM 21RN Laptops ThinkPad BIOS | affected 1.62/1.12 custom | Not specified |
| CNA | Lenovo | T14s Gen 6 Type 21R1 21R2 Laptops ThinkPad BIOS | affected 1.10 custom | Not specified |
| CNA | Lenovo | X1 2-in-1 Gen 9 Type 21KE 21KF Laptop ThinkPad BIOS | affected 1.45 custom | Not specified |
| CNA | Lenovo | X1 Fold 16 Gen 1 Type 21ES 21ET Laptop ThinkPad BIOS | affected 1.25 custom | Not specified |
| CNA | Lenovo | Z16 Gen 2 Type 21JX 21JY Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | P16v Gen 1 Type 21FE 21FF Laptop ThinkPad BIOS | affected 1.65/1.13 custom | Not specified |
| CNA | Lenovo | X13 Gen 4 Type 21J3 21J4 Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | T14s Gen 4 Type 21F8 21F9 Laptop ThinkPad BIOS | affected 1.28 custom | Not specified |
| CNA | Lenovo | P14s Gen 4 Type 21K5 21K6 Laptop ThinkPad BIOS | affected 1.47 custom | Not specified |
| CNA | Lenovo | P1 Gen 6 Type 21FV 21FW Laptop ThinkPad BIOS | affected 1.38 custom | Not specified |
| CNA | Lenovo | P16v Gen 1 Type 21FC 21FD Laptop ThinkPad BIOS | affected BIOS: 1.40 / ECFW: 1.09 custom | Not specified |
| CNA | Lenovo | P16 Gen 2 Type 21FA 21FB Laptop ThinkPad BIOS | affected BIOS: 1.61 / ECFW: 1.57 custom | Not specified |
| CNA | Lenovo | X13 Yoga Gen 4 Type 21F2 21F3 Laptop ThinkPad BIOS | affected 1.22 custom | Not specified |
| CNA | Lenovo | P16s Gen 2 Type 21HK 21HL Laptop ThinkPad BIOS | affected 1.51 custom | Not specified |
| CNA | Lenovo | E14 Gen 5 Type 21JR 21JS Laptop ThinkPad BIOS | affected 1.29 custom | Not specified |
| CNA | Lenovo | T14s Gen 4 Type 21F6 21F7 Laptop ThinkPad BIOS | affected 1.23 custom | Not specified |
| CNA | Lenovo | ThinkPad R14 Gen 5 Type 21JM PRC BIOS | affected 1.41 custom | Not specified |
| CNA | Lenovo | L14 Gen 4 Type 21H1 21H2 Laptop ThinkPad BIOS | affected 1.34 custom | Not specified |
| CNA | Lenovo | L13 Gen 4 Type 21FG 21FH Laptop ThinkPad BIOS | affected 1.24 custom | Not specified |
| CNA | Lenovo | X1 Nano Gen 3 Type 21K1 21K2 Laptop ThinkPad BIOS | affected 1.28 custom | Not specified |
| CNA | Lenovo | S2 Yoga Gen 8 Types 21FU China Only Laptop ThinkPad BIOS | affected 1.28 custom | Not specified |
| CNA | Lenovo | L15 Gen 4 Type 21H7 21H8 Laptops ThinkPad BIOS | affected 1.27 custom | Not specified |
| CNA | Lenovo | X1 Yoga 8th Gen Type 21HQ 21HR Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | T14s Gen 6 Type 21M1 21M2 Laptops ThinkPad BIOS | affected 1.62/1.12 custom | Not specified |
| CNA | Lenovo | P15v Gen 3 Type 21EN 21EM Laptop ThinkPad BIOS | affected 1.28 custom | Not specified |
| CNA | Lenovo | P16 Gen 1 Type 21D6 21D7 Laptop ThinkPad BIOS | affected 1.69 custom | Not specified |
| CNA | Lenovo | X1 2-in-1 Gen 10 Type 21NU 21NV Laptop ThinkPad BIOS | affected 1.39 custom | Not specified |
| CNA | Lenovo | X9-15 Gen 1 Type 21Q6 21Q7 Laptop ThinkPad BIOS | affected 1.17 custom | Not specified |
| CNA | Lenovo | X9-14 Gen 1 Type 21QA 21QB Laptop ThinkPad BIOS | affected 1.21 custom | Not specified |
| CNA | Lenovo | T14s Gen 5 Type 21LS 21LT Laptop ThinkPad BIOS | affected 1.14 custom | Not specified |
| CNA | Lenovo | L14 Gen 5 Type 21L1 21L2 Laptops ThinkPad BIOS | affected 1.24 custom | Not specified |
| CNA | Lenovo | E14 Gen 6 Type 21M3 21M4 Laptops ThinkPad BIOS | affected 1.27 custom | Not specified |
| CNA | Lenovo | E16 Gen 3 Type 21SR 21SS Laptops ThinkPad BIOS | affected 1.11 custom | Not specified |
| CNA | Lenovo | T14 Gen 3 Type 21AH 21AJ Laptop ThinkPad BIOS | affected 1.45/1.25 custom | Not specified |
| CNA | Lenovo | T15p Gen 3 Type 21DA 21DB Laptop ThinkPad BIOS | affected 1.67 custom | Not specified |
| CNA | Lenovo | P1 Gen 5 Type 21DC 21DD Laptop ThinkPad BIOS | affected 1.29 custom | Not specified |
| CNA | Lenovo | T14s Gen 3 Type 21CQ 21CR Laptop ThinkPad BIOS | affected 1.51 custom | Not specified |
| CNA | Lenovo | P14s Gen 3 Type 21J5 21J6 Laptop ThinkPad BIOS | affected 1.63 custom | Not specified |
| CNA | Lenovo | Z16 Gen 1 Type 21D4 21D5 Laptop ThinkPad BIOS | affected 1.76 custom | Not specified |
| CNA | Lenovo | T14s Gen 3 Type 21BR 21BS Laptop ThinkPad BIOS | affected 1.48 custom | Not specified |
| CNA | Lenovo | L14 Gen 3 Type 21C1 21C2 Laptops ThinkPad BIOS | affected 1.44 custom | Not specified |
| CNA | Lenovo | X13 Yoga Gen 3 Type 21AW 21AX Laptop ThinkPad BIOS | affected 1.25 custom | Not specified |
| CNA | Lenovo | L13 Yoga Gen 3 Type 21B5 21B6 Laptop ThinkPad BIOS | affected 1.31 custom | Not specified |
| CNA | Lenovo | E14 Gen 4 Type 21E3 21E4 Laptops ThinkPad BIOS | affected 1.34 custom | Not specified |
| CNA | Lenovo | X1 Nano Gen 2 Type 21E8 21E9 Laptop ThinkPad BIOS | affected 1.32 custom | Not specified |
| CNA | Lenovo | E15 Gen 4 Type 21ED 21EE Laptop ThinkPad BIOS | affected 1.27 custom | Not specified |
| CNA | Lenovo | ThinkPad S2 Gen 7 Type 21BD BIOS | affected 1.36 custom | Not specified |
| CNA | Lenovo | X1 Yoga 7th Gen Type 21CD 21CE Laptop ThinkPad BIOS | affected 1.52 custom | Not specified |
| CNA | Lenovo | L14 Gen 3 Type 21C5 21C6 Laptops ThinkPad BIOS | affected 1.36 custom | Not specified |
| CNA | Lenovo | ThinkPad S2 Yoga Gen 6 Type 20VN China Only BIOS | affected 1.38/1.36 custom | Not specified |
| CNA | Lenovo | X1 Yoga 6th Gen Type 20XY 20Y0 Laptop ThinkPad BIOS | affected 1.75 custom | Not specified |
| CNA | Lenovo | E15 Gen 3 Type 20YG 20YH 20YJ 20YK Laptop ThinkPad BIOS | affected 1.24 custom | Not specified |
| CNA | Lenovo | X13 Yoga Gen 2 Type 20W8 20W9 Laptop ThinkPad BIOS | affected 1.51 custom | Not specified |
| CNA | Lenovo | X13 Gen 2 Type 20WK 20WL Laptop ThinkPad BIOS | affected 1.64 custom | Not specified |
| CNA | Lenovo | L14 Gen 2 Type 20X5 20X6 Laptop ThinkPad BIOS | affected 1.36 custom | Not specified |
| CNA | Lenovo | T15g Gen 1 Type 20UR 20US Laptop ThinkPad BIOS | affected 1.97 custom | Not specified |
| CNA | Lenovo | X13 Gen 2 Type 20XH 20XJ Laptop ThinkPad BIOS | affected 1.36 custom | Not specified |
| CNA | Lenovo | T15p Gen 2 Type 21A7 21A8 Laptop ThinkPad BIOS | affected 1.83 custom | Not specified |
| CNA | Lenovo | P14s Gen 2 Type 21A0 21A1 Laptop ThinkPad BIOS | affected 1.33 custom | Not specified |
| CNA | Lenovo | ThinkPad S2 Yoga Gen 6 Type 21AG China Only BIOS | affected 1.38 custom | Not specified |
| CNA | Lenovo | X1 Extreme 4th Gen Type 20Y5 20Y6 Laptop ThinkPad BIOS | affected 1.33 custom | Not specified |
| CNA | Lenovo | P17 Gen 2 Type 20YU 20YV Laptops ThinkPad BIOS | affected 1.97 custom | Not specified |
| CNA | Lenovo | X1 Titanium Type 20QA 20QB Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | X1 Nano Gen 1 Type 20UN 20UQ Laptop ThinkPad BIOS | affected 1.68 custom | Not specified |
| CNA | Lenovo | X12 Detachable Gen 1 Type 20UW 20UV Laptop ThinkPad BIOS | affected 1.40 custom | Not specified |
| CNA | Lenovo | E16 Gen 2 Type 21MA 21MB Laptops ThinkPad BIOS | affected 1.21 custom | Not specified |
| CNA | Lenovo | X13 Gen 5 Type 21LU 21LV Laptop ThinkPad BIOS | affected 1.17 custom | Not specified |
| CNA | Lenovo | L14 Gen 2 Type 20X1 20X2 Laptops ThinkPad BIOS | affected 1.73 custom | Not specified |
| CNA | Lenovo | E16 Gen 3 Type 21ST 21SU Laptops ThinkPad BIOS | affected 1.21 custom | Not specified |
| CNA | Lenovo | T16 Gen 4 Type 21QE 21QF Laptops ThinkPad BIOS | affected 1.10 custom | Not specified |
| CNA | Lenovo | T16 Gen 4 Type 22AW 22AX Laptops ThinkPad BIOS | affected 1.08 custom | Not specified |
| CNA | Lenovo | T15 Gen 2 Type 20W4 20W5 Laptop ThinkPad BIOS | affected 1.69/1.21 custom | Not specified |
| CNA | Lenovo | X1 Fold Gen 1 Type 20RK 20RL Laptop ThinkPad BIOS | affected 1.34 custom | Not specified |
| CNA | Lenovo | X1 Extreme 3rd Gen Type 20TK 20TL Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | T14s Type 20T0 20T1 Laptop ThinkPad BIOS | affected 1.37 custom | Not specified |
| CNA | Lenovo | T15 Type 20S6 20S7 Laptop ThinkPad BIOS | affected 1.34 custom | Not specified |
| CNA | Lenovo | X13 Yoga Gen 1 Type 20SX 20SY Laptop ThinkPad BIOS | affected 1.57 custom | Not specified |
| CNA | Lenovo | X1 Yoga 5th Gen Type 20UB 20UC Laptop ThinkPad BIOS | affected 1.41 custom | Not specified |
| CNA | Lenovo | X390 Yoga Type 20NN 20NQ Laptop ThinkPad BIOS | affected 2.05 custom | Not specified |
| CNA | Lenovo | X1 Yoga 4th Gen Type 20SA 20SB Laptop ThinkPad BIOS | affected 1.66/1.55 custom | Not specified |
| CNA | Lenovo | X390 Type 20SC 20SD Laptop ThinkPad BIOS | affected 1.87/1.32 custom | Not specified |
| CNA | Lenovo | P73 Type 20QR 20QS Laptop Thinkpad BIOS | affected 2.01 custom | Not specified |
| CNA | Lenovo | T490 Type 20N2 20N3 Laptop ThinkPad BIOS | affected 1.85/1.26 custom | Not specified |
| CNA | Lenovo | X1 Extreme 2nd Gen Type 20QV 20QW Laptop ThinkPad BIOS | affected 1.55 custom | Not specified |
| CNA | Lenovo | L390 Type 20NR 20NS Laptops ThinkPad BIOS | affected 1.53 custom | Not specified |
| CNA | Lenovo | L13 Type 20R3 20R4 Laptops ThinkPad BIOS | affected 1.45 custom | Not specified |
| CNA | Lenovo | L13 Gen 5 Type 21LB 21LC Laptops ThinkPad BIOS | affected 1.21 custom | Not specified |
| CNA | Lenovo | E14 Gen 7 Type 21T9 21TA Laptops ThinkPad BIOS | affected 1.11 custom | Not specified |
| CNA | Lenovo | P14s Gen 6 Type 21QL 21QM Laptops ThinkPad BIOS | affected 1.17 custom | Not specified |
| CNA | Lenovo | L13 2-in-1 Gen 6 Type 21R7 21R8 Laptops ThinkPad BIOS | affected 1.10 custom | Not specified |
| CNA | Lenovo | L14 Gen 6 Type 21S6 21S7 Laptops ThinkPad BIOS | affected 1.06 custom | Not specified |
| CNA | Lenovo | T14s Gen 6 Type 21QX 21QY Laptops ThinkPad BIOS | affected 1.14 custom | Not specified |
| CNA | Lenovo | P1 Gen 7 Type 21KV 21KW Laptop ThinkPad BIOS | affected 1.17 custom | Not specified |
| CNA | Lenovo | P14s Gen 5 Type 21G2 21G3 Laptops ThinkPad BIOS | affected 1.26 custom | Not specified |
| CNA | Lenovo | T14 Gen 5 Type 21MC 21MD Laptops ThinkPad BIOS | affected 1.18 custom | Not specified |
| CNA | Lenovo | X12 Detachable Gen 2 Type 21LK 21LL Laptops ThinkPad BIOS | affected 1.21 custom | Not specified |
| CNA | Lenovo | T16 Gen 3 Type 21MN 21MQ Laptops ThinkPad BIOS | affected 1.16 custom | Not specified |
| CNA | Lenovo | P16v Gen 2 Type 21KX 21KY Laptops ThinkPad BIOS | affected 1.18 custom | Not specified |

References

| Reference | Source | Link | Tags |
|---|---|---|---|
| support.lenovo.com/us/en/product_security/LEN-218282 | [email protected] | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |

Additional Advisory Data

Solutions

CNA: Update to the version (or newer) as recommended in the advisory: https://support.lenovo.com/us/en/product_security/LEN-218282
