VDB
CISA-2022-40134
CISA-2022-40134
PUBLISHED
CVSS 4.4 MEDIUM
Reported by lenovo · Published January 30, 2023
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Risk Scores
CVSS 3.1
4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | BIOS | various |
| Lenovo | BIOS | various, various |
Timeline
- Jan 30, 2023 CVE Published
- Mar 27, 2025 CVE Updated