CVE-2022-1108
published 2022-04-22CVE-2022-1108: A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | thinkpad_bios | — | — |
| lenovo | thinkpad_x1_fold_gen_1_firmware | < n2pet50w | n2pet50w |
| msrc | microsoft_edge | — | — |