CVE-2022-3431

{"id": "CVE-2022-3431", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@lenovo.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-10-09T19:15:09.987", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-94952", "tags": ["Vendor Advisory"], "source": "psirt@lenovo.com"}, {"url": "https://support.lenovo.com/us/en/product_security/LEN-94952", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@lenovo.com", "description": [{"lang": "en", "value": "CWE-276"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable."}, {"lang": "es", "value": "Una vulnerabilidad potencial en un driver utilizado durante el proceso de fabricaci\u00f3n de algunos dispositivos de consumo Lenovo Notebook que no se desactiv\u00f3 por error, puede permitir que un atacante con privilegios elevados modifique la configuraci\u00f3n de arranque seguro modificando una variable de la NVRAM."}], "lastModified": "2024-11-21T07:19:30.057", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_creator_5-16ach6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7428DDA8-7629-4AF8-8DAA-7A49FF9D6DA1", "versionEndExcluding": "gscn34ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_creator_5-16ach6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90031C15-00A0-40F8-A98B-DDFA3F79D247"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ihu6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFB4225-D28D-4C3B-BB03-349B966CCFCF", "versionEndExcluding": "grcn22ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ihu6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EC34C489-CC06-41DF-91C8-2919B9770E78"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ach6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD22DD91-73C6-4982-9424-6C3AA1D52EA6", "versionEndExcluding": "gscn34ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ach6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F160EE76-3FF4-42EB-94DE-4FEFCCEE54C2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13itl05_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09F8B96E-197D-4E6C-B766-EFB312705CA0", "versionEndExcluding": "f7cn39ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13itl05:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7B6E471A-EB31-46FE-944E-F48397F57E13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13acn05_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EBDE114-7FCF-4C49-A8F6-E20B25736454", "versionEndExcluding": "ghcn28ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13acn05:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FAF0D1D-070A-401E-B5B3-F3BCDD1860F7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16arh7_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "650BA4E3-7255-4AE1-B192-58C45166039F", "versionEndExcluding": "klcn15ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16arh7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "620ACBF6-93BA-47B8-8AA6-974D81473171"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "851B51FB-DEFB-4E55-8114-BA49BEF8DFDC", "versionEndExcluding": "hucn16ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16ach6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E0BEB08B-768F-4BFC-819B-B8A1DD01431F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_carbon_13itl5_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63C58648-9441-450E-BFFF-874781D29BC5", "versionEndExcluding": "f7cn39ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_carbon_13itl5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "978E1E13-8918-41D0-985C-53904CE0EC16"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6-lte_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72679907-6E23-4BE7-809B-824B2E16D0EA", "versionEndExcluding": "gpcn24ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6-lte:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72782D1B-DFFB-4F78-AA4F-C10AEF277D2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "853F9F82-3DF5-4D6B-A3BD-410AFD9BD7F1", "versionEndExcluding": "gpcn24ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02CB1D39-F031-4AF9-88FE-E0E8E0A38768"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13iml05_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E799EC61-46FC-46B1-B27C-67D472AEC947", "versionEndExcluding": "ercn30ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13iml05:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8FCE2EC8-8384-4DE1-9B45-AECB510D0B1E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g3_iap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EA39607-1264-4595-8BF2-A03FEE46A677", "versionEndExcluding": "k6cn29ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g3_iap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8480B3A8-6F19-4C01-A5E8-B141DA845E4D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g2_itg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD9DA7E8-963A-4845-A1A5-33FCD953F7AB", "versionEndExcluding": "gycn31ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g2_itg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D725D6F-60A7-4BEE-A19F-AF6CEEE46FE1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_16p_nx_arh_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6219BA17-B4B5-476A-A583-0A1A7C724E69", "versionEndExcluding": "kjcn27ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_16p_nx_arh:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F21184FF-7B12-4422-A819-C0836777283B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_iap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4405421-414E-4BAC-8E9F-E99B398BF0CD", "versionEndExcluding": "hycn40ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_iap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56EA6832-49E6-4FFB-B49B-5ED528C8DC26"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_ara_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30656321-CDEC-4078-BD88-AF6074D42F48", "versionEndExcluding": "j6cn40ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_ara:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4062B850-7517-41A1-BA85-CEA38520B324"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_iap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D008FDCD-FD4E-4DE7-8AF7-8982E2360E68", "versionEndExcluding": "hycn40ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_iap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2EE24BE8-EFD8-417E-9059-3844E1526F32"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_ara_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AA85A21-27F0-4867-91D4-377EFD9A91CE", "versionEndExcluding": "j6cn40ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_ara:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B69C2C6D-E963-48F9-A91D-FC850A5C05DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkbook_13x_itg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CA24E6D-72F4-44A0-B7E2-378CC6260549", "versionEndExcluding": "hlcn30ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkbook_13x_itg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09B30D44-B6FB-4824-BC6A-24307D8F7439"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57C398C8-388E-4622-B211-CB51120D8933", "versionEndExcluding": "hucn16ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_slim_7_pro_16ach6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9378A311-DA4E-4452-8C0A-337F2375F948"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:s540-15iml_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7654476D-65DA-495F-91F2-A59A6C840F51", "versionEndExcluding": "cncn22ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:s540-15iml:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78A9FC30-244F-441E-950E-2FDBFC520133"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:slim_7_16arh7_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC68F2A8-9976-4157-9926-1F398584C0EB", "versionEndExcluding": "klcn15ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:slim_7_16arh7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CEF0DB00-37E3-48C9-8229-59422C95C937"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_duet_3_10igl5_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12037F5F-401A-4E68-92A8-922A5CA9BD63", "versionEndExcluding": "eqcn37ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_duet_3_10igl5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6ED2CCF-A6BB-45C8-B729-31241AA7254A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro_16arh7_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F9E07F2-CCDE-4B45-9B04-7691D1869C1C", "versionEndExcluding": "j4cn33ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro_16arh7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "33034E99-8CA2-4736-91F6-8E42181E9AF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:d330-10igl_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93B3E734-67AE-498C-9808-70D5F07161EE", "versionEndExcluding": "g0cn11ww"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:d330-10igl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3FBE774E-04D0-46DE-8F9C-D4B9380BD1BC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}