VDB

CISA-2022-40134

CISA-2022-40134 PUBLISHED CVSS 4.4 MEDIUM

Reported by lenovo · Published January 30, 2023

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.

Risk Scores

CVSS 3.1
4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
LenovoBIOSvarious
LenovoBIOSvarious, various

Timeline

  • Jan 30, 2023 CVE Published
  • Mar 27, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›