Lenovo Thinkcentre Neo 30A 22 Gen 4 Firmware vulnerabilities

15 known vulnerabilities affecting lenovo/thinkcentre_neo_30a_22_gen_4_firmware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

MEDIUM15

Vulnerabilities

Page 1 of 1

CVE-2023-43581MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43581 [MEDIUM] CWE-120 CVE-2023-43581: A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may all A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43577MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43577 [MEDIUM] CWE-120 CVE-2023-43577: A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43568MEDIUMCVSS 4.4fixed in o5nkt33a2023-11-08

CVE-2023-43568 [MEDIUM] CWE-126 CVE-2023-43568: A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

nvd

CVE-2023-43578MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43578 [MEDIUM] CWE-120 CVE-2023-43578: A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43575MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43575 [MEDIUM] CWE-120 CVE-2023-43575: A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43570MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43570 [MEDIUM] CWE-20 CVE-2023-43570: A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may a A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code.

nvd

CVE-2023-43574MEDIUMCVSS 4.4fixed in o5nkt33a2023-11-08

CVE-2023-43574 [MEDIUM] CWE-126 CVE-2023-43574: A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

nvd

CVE-2023-43579MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43579 [MEDIUM] CWE-120 CVE-2023-43579: A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allo A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43573MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43573 [MEDIUM] CWE-120 CVE-2023-43573: A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43571MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43571 [MEDIUM] CWE-120 CVE-2023-43571: A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products tha A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43572MEDIUMCVSS 4.4fixed in o5nkt33a2023-11-08

CVE-2023-43572 [MEDIUM] CWE-126 CVE-2023-43572: A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products th A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.

nvd

CVE-2023-43580MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43580 [MEDIUM] CWE-120 CVE-2023-43580: A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may a A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43569MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43569 [MEDIUM] CWE-120 CVE-2023-43569: A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43576MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43576 [MEDIUM] CWE-120 CVE-2023-43576: A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd

CVE-2023-43567MEDIUMCVSS 6.7fixed in o5nkt33a2023-11-08

CVE-2023-43567 [MEDIUM] CWE-120 CVE-2023-43567: A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products t A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

nvd