CVE-2023-45079: A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

medium6.7CVSS 3.1

AVLACLPRHUINSUCHIHAH

A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

Affected

54 ranges· showing 25

Vendor	Product	Version range	Fixed in
lenovo	bios	—	—
lenovo	ideacentre_3-07ada05_firmware	< o4fkt39a	o4fkt39a
lenovo	ideacentre_3-07imb05_firmware	< m2vkt21a	m2vkt21a
lenovo	ideacentre_5-14iob6_firmware	< m3gkt3da	m3gkt3da
lenovo	ideacentre_c5-14imb05_firmware	< o4hkt3ca	o4hkt3ca
lenovo	ideacentre_creator_5-14iob6_firmware	< m3gkt3da	m3gkt3da
lenovo	ideacentre_g5-14amr05_firmware	< o4zkt2ba	o4zkt2ba
lenovo	ideacentre_g5-14imb05_firmware	< o4hkt3ca	o4hkt3ca
lenovo	ideacentre_gaming_5-14iob6_firmware	< m3gkt3da	m3gkt3da
lenovo	ideacentre_mini_5-01imh05_firmware	< o4ekt1ba	o4ekt1ba
lenovo	ideacentre_mini_5_01iaq7_firmware	< o53kt10a	o53kt10a
lenovo	legion_t7-34imz5_firmware	< o5fkt17a	o5fkt17a
lenovo	thinkcentre_m625q_firmware	< m1wkt52a	m1wkt52a
lenovo	thinkcentre_m70a_firmware	< m2skt29a	m2skt29a
lenovo	thinkcentre_m70c_firmware	< m2vkt21a	m2vkt21a
lenovo	thinkcentre_m70q_firmware	< m2wkt5aa	m2wkt5aa
lenovo	thinkcentre_m70s_firmware	< m2tkt55a	m2tkt55a
lenovo	thinkcentre_m70t_firmware	< m2tkt55a	m2tkt55a
lenovo	thinkcentre_m720q_firmware	< m1ukt72a	m1ukt72a
lenovo	thinkcentre_m720s_firmware	< m1ukt72a	m1ukt72a
lenovo	thinkcentre_m720t_firmware	< m1ukt72a	m1ukt72a
lenovo	thinkcentre_m75n_firmware	< m33kt27a	m33kt27a
lenovo	thinkcentre_m75q_gen_2_firmware	< m47kt30a	m47kt30a
lenovo	thinkcentre_m80q_firmware	< m2wkt5aa	m2wkt5aa
lenovo	thinkcentre_m80s_firmware	< m2tkt55a	m2tkt55a