10w Notebook
by Lenovo
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7756 | Med | 0.44 | 6.8 | 0.00 | Sep 13, 2024 | A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell. | ||
| CVE-2022-3746 | 0.00 | — | 0.00 | Aug 23, 2023 | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface. | |||
| CVE-2022-3745 | 0.00 | — | 0.00 | Aug 23, 2023 | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI. | |||
| CVE-2022-3744 | 0.00 | — | 0.00 | Aug 23, 2023 | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential. | |||
| CVE-2022-3743 | 0.00 | — | 0.00 | Aug 23, 2023 | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands. | |||
| CVE-2022-3742 | 0.00 | — | 0.00 | Aug 23, 2023 | A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation. |
- risk 0.44cvss 6.8epss 0.00
A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.
- CVE-2022-3746Aug 23, 2023risk 0.00cvss —epss 0.00
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.
- CVE-2022-3745Aug 23, 2023risk 0.00cvss —epss 0.00
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.
- CVE-2022-3744Aug 23, 2023risk 0.00cvss —epss 0.00
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.
- CVE-2022-3743Aug 23, 2023risk 0.00cvss —epss 0.00
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.
- CVE-2022-3742Aug 23, 2023risk 0.00cvss —epss 0.00
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.