QID 377606

QID 377606: Lenovo BIOS Firmware Multiple Vulnerabilities - LEN-94953

Potential security vulnerabilities in BIOS firmware for multiple Intel Platforms may allow Information disclosure, privilege escalation, denial of service

Affected Products:
T14, T-490, P14S
These model numbers of affected:
20N2 20N3 20RY 20U9 20W0 20WM
QID Detection Logic:
This QID checks if Vulnerable versions of BIOS installed on windows system.

Malicious attacker could be able to escalate the privileges or disclose the sensitive information.

CVSS V3 rated as High - 7.8 severity.

CVSS V2 rated as Medium - 4.6 severity.

Solution

Customers are recommended to update bios firmware. Refer to Lenovo support - LEN-94953 for bios updates.

Vendor References

LEN-94953 - support.lenovo.com/us/en//product_security/LEN-94953

CVEs related to QID 377606

CVE-2021-28216 | CVE-2022-40134 | CVE-2022-40135 | CVE-2022-40136 | CVE-2022-40137 |

Software Advisories

Advisory ID	Software	Component	Link
LEN-94953			support.lenovo.com/us/en//product_security/LEN-94953

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].