Dangerous vulnerabilities in dozens of Lenovo models 

16 November 2022
| No comments
B2B Cyber ​​Security ShortNews

Share post

Lenovo again has problems with vulnerabilities in dozens of notebook models. ESETResearch has discovered vulnerabilities that can be used to bypass the secure UEFI Secure Boot. Lenovo reacted immediately and is providing patches. The vulnerabilities have a severity of High!

ESETResearch has discovered 3 vulnerabilities in the UEFI firmware of several Lenovo notebooks and reported them to the manufacturer. The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases easily from an operating system. Already in April of this year and also again in September Lenovo had to report vulnerabilities in notebooks. If you missed these updates, you should make up for them.

Vulnerabilities in UEFI Secure Boot

Lenovo thanked ESET for the information about the vulnerabilities and immediately worked out updates for them. They are available for users on the Lenovo website. A few dozen models are affected. Lenovo describes the vulnerabilities as follows:

CVE-2022-3430

A potential vulnerability in the WMI setup driver on some Lenovo notebook consumer devices could allow an elevated attacker to change the Secure Boot setting by modifying an NVRAM variable.

CVE-2022-3431

A potential vulnerability in a driver used on some Lenovo notebook consumer devices during the manufacturing process, which was inadvertently not disabled, could allow an elevated attacker to override the Secure Boot setting by modifying an NVRAM variable.

CVE-2022-3432

A potential vulnerability in a driver used on the Ideapad Y700-14ISK during the manufacturing process that was incorrectly not disabled could allow an elevated attacker to override the secure boot setting by modifying an NVRAM variable.

Who is affected and who is not?

Lenovo provides a detailed list of which models are affected by which vulnerability. Sometimes there are several, sometimes just one. Well-known product lines are affected, such as IdeaPad 5, Lenovo Slim 7, Thinkbook, Yoga, Yoga Slim. The update is recommended for all users because the severity of the vulnerabilities is classified as high.

More at Lenovo.com

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

Short news
, , , , ,