Summary
| Detail | |||
|---|---|---|---|
| Vendor | Lenovo | First view | 2023-01-30 |
| Product | Ideacentre Aio 3-24Imb05 Firmware | Last view | 2023-11-08 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:lenovo:ideacentre_aio_3-24imb05_firmware:o4rkt3a:*:*:*:*:*:*:* | 17 |
| cpe:2.3:o:lenovo:ideacentre_aio_3-24imb05_firmware:*:*:*:*:*:*:*:* | 16 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.7 | 2023-11-08 | CVE-2023-43581 | A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43580 | A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43579 | A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43578 | A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43577 | A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43576 | A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43575 | A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 4.4 | 2023-11-08 | CVE-2023-43574 | A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
| 6.7 | 2023-11-08 | CVE-2023-43573 | A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 4.4 | 2023-11-08 | CVE-2023-43572 | A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
| 6.7 | 2023-11-08 | CVE-2023-43571 | A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43570 | A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code. |
| 6.7 | 2023-11-08 | CVE-2023-43569 | A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 4.4 | 2023-11-08 | CVE-2023-43568 | A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. |
| 6.7 | 2023-11-08 | CVE-2023-43567 | A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. |
| 7.8 | 2023-06-05 | CVE-2022-48181 | An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models could allow an attacker with local access to elevate their privileges and execute arbitrary code. |
| 6.7 | 2023-01-30 | CVE-2022-40137 | A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (2) | CWE-125 | Out-of-bounds Read |
| 25% (1) | CWE-787 | Out-of-bounds Write |
| 25% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
