CVE-2023-43571: A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to…

medium6.7CVSS 3.1

AVLACLPRHUINSUCHIHAH

A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Affected

82 ranges· showing 25

Vendor	Product	Version range	Fixed in
lenovo	desktop_bios	—	—
lenovo	ideacentre_3-07ada05_firmware	< o4fkt39a	o4fkt39a
lenovo	ideacentre_3-07imb05_firmware	< m2vkt21a	m2vkt21a
lenovo	ideacentre_5-14imb05_firmware	< o4hkt3ca	o4hkt3ca
lenovo	ideacentre_5-14iob6_firmware	< m3gkt3da	m3gkt3da
lenovo	ideacentre_5_14iab7_firmware	< m42kt46a	m42kt46a
lenovo	ideacentre_5_14irb8_firmware	< m4ukt36a	m4ukt36a
lenovo	ideacentre_aio_3-22iil5_firmware	< o56kt24a	o56kt24a
lenovo	ideacentre_aio_3-22imb05_firmware	< o4rkt31a	o4rkt31a
lenovo	ideacentre_aio_3-22itl6_firmware	< o5akt34a	o5akt34a
lenovo	ideacentre_aio_3-24alc6_firmware	< o5bkt25a	o5bkt25a
lenovo	ideacentre_aio_3-24iil5_firmware	< o56kt24a	o56kt24a
lenovo	ideacentre_aio_3-24imb05_firmware	< o4rkt31a	o4rkt31a
lenovo	ideacentre_aio_3-24itl6_firmware	< o5akt34a	o5akt34a
lenovo	ideacentre_aio_3-27imb05_firmware	< o4rkt31a	o4rkt31a
lenovo	ideacentre_aio_3-27itl6_firmware	< o5akt34a	o5akt34a
lenovo	ideacentre_aio_3_21itl7_firmware	< o5akt34a	o5akt34a
lenovo	ideacentre_aio_3_22iap7_firmware	< o5nkt33a	o5nkt33a
lenovo	ideacentre_aio_3_24iap7_firmware	< o5nkt33a	o5nkt33a
lenovo	ideacentre_aio_3_27iap7_firmware	< o5nkt33a	o5nkt33a
lenovo	ideacentre_aio_5_24iah7_firmware	< o5rkt41a	o5rkt41a
lenovo	ideacentre_aio_5_27iah7_firmware	< o5rkt41a	o5rkt41a
lenovo	ideacentre_c5-14imb05_firmware	< o4hkt3ca	o4hkt3ca
lenovo	ideacentre_creator_5-14iob6_firmware	< m3gkt3da	m3gkt3da
lenovo	ideacentre_g5-14amr05_firmware	< o4zkt2ba	o4zkt2ba