CVE-2023-5078
published 2023-11-08CVE-2023-5078: A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | thinkpad_bios | — | — |
| lenovo | thinkpad_l13_gen_3_firmware | < 1.19 | 1.19 |
| lenovo | thinkpad_l13_yoga_gen_3_firmware | < 1.19 | 1.19 |
| lenovo | thinkpad_l14_gen_3_firmware | < 1.23 | 1.23 |
| lenovo | thinkpad_l14_gen_4_firmware | < 1.1 | 1.1 |
| lenovo | thinkpad_l15_gen_3_firmware | < 1.23 | 1.23 |
| lenovo | thinkpad_l15_gen_4_firmware | < 1.1 | 1.1 |
| lenovo | thinkpad_s2_yoga_gen_7_firmware | < 1.19 | 1.19 |