CVE-2023-5078

{"id": "CVE-2023-5078", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "psirt@lenovo.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2023-11-08T22:15:11.957", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-141775", "tags": ["Vendor Advisory"], "source": "psirt@lenovo.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@lenovo.com", "description": [{"lang": "en", "value": "CWE-665"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware."}, {"lang": "es", "value": "Se inform\u00f3 una vulnerabilidad en algunos BIOS de ThinkPad que podr\u00eda permitir que un atacante f\u00edsico o local con privilegios elevados altere el firmware del BIOS."}], "lastModified": "2023-11-16T18:01:15.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C890D81-D9C9-4AEB-A12E-DF79528876CD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51AEE592-1F68-413B-A670-B0F6F3D110EC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_7:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1040935-6004-4539-992A-FCDDC84333B5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_7_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B01C37DE-CD3B-41B1-AD51-9A50756895AC", "versionEndExcluding": "1.19"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B2279C8-0F44-4CA3-9AED-F31E3C3327D8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_6_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FF1F949-A465-4F73-9C63-0D74CC4A0DC3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "826861DB-719A-40DE-B813-CE51EDEC84D2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_8_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61017FB7-72EF-4FD5-8B22-D583050545CE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C54E4EC5-68F4-484D-8A1A-607207073291"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A77BE2A8-C168-4F8D-B171-B0BDA4F6987D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_p16s_gen_1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DBC3DED-A725-4686-BACD-FD2AC33D4B4C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_p16s_gen_1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75543F74-E28E-44A9-B33E-F282F1FCCAD2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85C2DBDC-539A-4E63-90A0-17D92B800586"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "33F5E4AC-0BB5-4582-A68B-B044AE1FDDF3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BC69FC7-7B0F-4F20-A067-A685EC15FD74"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3F5560A-10AE-46AE-A609-C8EB9287F779"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_t16_gen_1_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "013EEF43-FF93-4F37-A1A6-950446B75E48"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_t16_gen_1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A04B796B-A40C-43BC-8027-2539BBECF001"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C3B900-6538-4D4D-A3E6-E216238AC569", "versionEndExcluding": "1.23"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E774C0D8-4712-414D-B9B9-214AAC710B63"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFA1173E-8292-4C93-9D71-242BBC87306B", "versionEndExcluding": "1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "181D4876-394F-4FE0-91B8-16267F987D18"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67569E35-EBF9-4EC0-A6D4-35BC80424093", "versionEndExcluding": "1.23"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4ACCDD8-A4F5-4805-91FC-4464A1FB46BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77783297-A20A-4137-8E0F-1600AC0EAE7D", "versionEndExcluding": "1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0ED6441F-C705-40D0-9FDF-7471955D6610"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_4_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06CEB116-4F8D-4573-8E65-C6FC5A65455E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D619CDB5-510B-443F-8772-CB09DD68190D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DA62157-F2A9-4868-B7BA-C15BD4EAFD77", "versionEndExcluding": "1.19"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B43B845-C95E-47DF-8AEB-7ADB650A5425"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66645F82-9F66-4AEF-B11E-266C7EF154B1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0CB43443-ED65-4CF5-8FDA-3BCC1E2BD5A2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_4_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F7C2C57-6EE4-4B33-8EF8-C0BD769DF480"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D5606FE-0787-44AD-97B8-AAB560056ED5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A6606CF-CCC8-4061-A989-3519EEA48E4C", "versionEndExcluding": "1.19"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D6D51EE-16C2-4090-8872-E69E55D5D4A7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FF9C24C-203D-4AA7-BBE9-20B0418514C1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3E560943-6A00-4423-91F3-FBBBBB978F6B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_8_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "839CD19A-A6B3-4F2A-B7F5-D2DF08933ADC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DA25359-AE51-45EA-8507-40953790E04E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}