Vulnerabilities found in UEFI firmware of Lenovo laptops, security company strongly recommends updating



Three vulnerabilities have been discovered in the UEFI firmware installed on Lenovo laptops. Lenovo has released security updates for the affected products and is urging users to apply them.

Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US
https://support.lenovo.com/us/en/product_security/LEN-94952






The vulnerabilities in the UEFI firmware of Lenovo laptops were discovered by security firm ESET. According to ESET, exploiting them makes attacks such as "disabling UEFI Secure Boot" and "restoring the Secure Boot database to its factory default state" possible. The three vulnerabilities have been assigned the CVE numbers 'CVE-2022-3430', 'CVE-2022-3431' and 'CVE-2022-3432'. The outline of each vulnerability is as follows.

CVE-2022-3430
A vulnerability in the WMI setup driver of Lenovo consumer laptops. An attacker may be able to modify Secure Boot settings by modifying NVRAM variables.

CVE-2022-3431
A potential vulnerability exists in a driver on Lenovo consumer laptops that was not disabled during manufacturing. An attacker may be able to modify Secure Boot settings by modifying NVRAM variables.

CVE-2022-3432
A driver on the 'ideapad Y700-14ISK' has a potential vulnerability and was not disabled during manufacturing. An attacker may be able to modify Secure Boot settings by modifying NVRAM variables.

Of the three vulnerabilities, security updates have been released for 'CVE-2022-3430' and 'CVE-2022-3431'. No update will be released for 'CVE-2022-3432', because support for the affected 'ideapad Y700-14ISK' has ended. The products covered by the security updates at the time of writing are as follows.

D330-10IGL Laptop (ideapad)
IdeaPad 5 Pro 16ARH7
IdeaPad 5 Pro 16IAH7
IdeaPad Duet 3 10IGL5
Lenovo Slim 7 16ARH7
Lenovo ThinkBook 15p IMH
S540-15IML Laptop (ideapad)
Slim 7 Pro 16ACH6 Laptop (IdeaPad)
Slim 7-14ARE05 Laptop (ideapad)
Slim 7-14IIL05 Laptop (ideapad)
Slim 7-14ITL05 Laptop (ideapad)
Slim 7-15IIL05 Laptop (ideapad)
Slim 7-15IMH05 Laptop (ideapad)
Slim 7-15ITL05 Laptop (ideapad)
ThinkBook 13x ITG Laptop
ThinkBook 14 G2 ARE Laptop
ThinkBook 14 G2 ITL Laptop
ThinkBook 14 G3 ACL Laptop
ThinkBook 14 G3 ITL Laptop
ThinkBook 14 G4 ABA Laptop
ThinkBook 14 G4+ ARA
ThinkBook 14 G4+ IAP Laptop
ThinkBook 14p G3 ARH
ThinkBook 14s Yoga ITL
ThinkBook 15 G2 ARE Laptop
ThinkBook 15 G2 ITL Laptop
ThinkBook 15 G3 ACL Laptop
ThinkBook 15 G3 ITL Laptop
ThinkBook 15 G4 ABA Laptop
ThinkBook 15P G2 ITH
ThinkBook 16 G4+ ARA
ThinkBook 16 G4+ IAP Laptop
ThinkBook 16p G3 ARH
ThinkBook 16p NX ARH
ThinkBook Plus G2 ITG
ThinkBook Plus G3 IAPs
Yoga Creator 7-15IMH05 Laptop (ideapad)
Yoga Duet 7-13IML05
Yoga Duet 7-13ITL6
Yoga Duet 7-13ITL6-LTE
Yoga Slim 7 Carbon 13ITL5 (ideapad)
Yoga Slim 7 Pro 16ACH6 Laptop (IdeaPad)
Yoga Slim 7 Pro 16ARH7
Yoga Slim 7-13ACN05 Laptop (ideapad)
Yoga Slim 7-13ITL05 Laptop (ideapad)
Yoga Slim 7-14ARE05 Laptop (ideapad)
Yoga Slim 7-14IIL05 Laptop (ideapad)
Yoga Slim 7-14ITL05 Laptop (ideapad)
Yoga Slim 7-15IIL05 Laptop (ideapad)
Yoga Slim 7-15IMH05 Laptop (ideapad)
Yoga Slim 7-15ITL05 Laptop (ideapad)
ideapad 5 Pro-16ACH6 Laptop
ideapad 5 Pro-16IHU6 Laptop
ideapad Creator 5-16ACH6 Laptop

Lenovo is asking users of affected products to download and apply the update from its support page. ESET also strongly recommends applying the updates.
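Because all three CVEs end with Secure Boot settings being changed through NVRAM variables, checking the state the firmware actually reports is a useful companion to patching. The following is an added example, not code from ESET, Lenovo or the original article; it assumes a Linux host with efivarfs mounted, and the function names and sample byte strings are constructed for illustration.

```python
import struct
from pathlib import Path

# EFI global variable GUID from the UEFI specification; efivarfs is Linux-only.
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS = Path("/sys/firmware/efi/efivars")

# Constructed samples: attributes 0x6 (boot-service + runtime access) + 1 value byte.
SAMPLE_ON = struct.pack("<I", 0x6) + b"\x01"
SAMPLE_OFF = struct.pack("<I", 0x6) + b"\x00"


def parse_efivar(raw: bytes):
    """Split an efivarfs entry into (attributes, data).

    efivarfs prefixes each variable with a 4-byte little-endian attribute
    mask; the variable's value follows it.
    """
    if len(raw) < 5:
        raise ValueError("efivarfs entry too short: need attributes plus data")
    (attrs,) = struct.unpack_from("<I", raw)
    return attrs, raw[4:]


def assess(secure_boot_raw: bytes, setup_mode_raw: bytes) -> str:
    """Classify the platform from the SecureBoot and SetupMode variables."""
    _, secure_boot = parse_efivar(secure_boot_raw)
    _, setup_mode = parse_efivar(setup_mode_raw)
    if setup_mode[0] == 1:
        return "setup-mode"   # no Platform Key enrolled, keys can be replaced
    if secure_boot[0] == 1:
        return "enabled"
    return "disabled"         # firmware is not enforcing signature checks


def read_state(root: Path = EFIVARS) -> str:
    """Read both variables from efivarfs; 'no-uefi' if it is not mounted."""
    try:
        sb = (root / f"SecureBoot-{EFI_GLOBAL}").read_bytes()
        sm = (root / f"SetupMode-{EFI_GLOBAL}").read_bytes()
    except OSError:
        return "no-uefi"
    return assess(sb, sm)


if __name__ == "__main__":
    print("constructed sample:", assess(SAMPLE_OFF, SAMPLE_OFF))
    print("this machine:", read_state())
```

A result of "disabled" or "setup-mode" on a machine that was provisioned with Secure Boot enabled is worth investigating, whether or not the firmware update has been applied.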




in Hardware, Security, Posted by log1o_hf