VYPR

LCFC BIOS

by Lenovo

CVEs (5)

  • CVE-2022-3746Aug 23, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.

  • CVE-2022-3745Aug 23, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.

  • CVE-2022-3744Aug 23, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

  • CVE-2022-3743Aug 23, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.

  • CVE-2022-3742Aug 23, 2023
    risk 0.00cvss epss 0.00

    A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.