CVE-2022-40137
published 2023-01-30CVE-2022-40137: A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Affected
297 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | bios | — | — |
| lenovo | ideacentre_3-07ada05_firmware | — | — |
| lenovo | ideacentre_3-07imb05_firmware | — | — |
| lenovo | ideacentre_3_07iab7_firmware | — | — |
| lenovo | ideacentre_5-14acn6_firmware | — | — |
| lenovo | ideacentre_5-14are05_firmware | — | — |
| lenovo | ideacentre_5-14imb05_firmware | — | — |
| lenovo | ideacentre_5-14iob6_firmware | — | — |
| lenovo | ideacentre_510-15ick_firmware | — | — |
| lenovo | ideacentre_510a-15arr_firmware | — | — |
| lenovo | ideacentre_510a-15ick_firmware | — | — |
| lenovo | ideacentre_510s-07icb_firmware | — | — |
| lenovo | ideacentre_510s-07ick_firmware | — | — |
| lenovo | ideacentre_5_14iab7_firmware | — | — |
| lenovo | ideacentre_720-18apr_firmware | — | — |
| lenovo | ideacentre_a340-22ast_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-22icb_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-22ick_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-22igm_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-22iwl_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-24icb_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-24ick_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-24igm_all-in-one_firmware | — | — |
| lenovo | ideacentre_a340-24iwl_all-in-one_firmware | — | — |
| lenovo | ideacentre_aio_3-22ada05_firmware | — | — |