Lenovo Bios 缓冲区错误漏洞(CVE-2023-45075)
CVE编号
CVE-2023-45075利用情况
暂无补丁情况
N/A披露时间
2023-11-09漏洞描述
已报告SWSMI_Shadow DXE驱动程序存在内存泄漏漏洞,当本地攻击者拥有提升权限时,可能利用该漏洞写入NVRAM变量。解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-141775 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_3-07ada05_firmware | * | Up to (excluding) o4fkt39a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_3-07imb05_firmware | * | Up to (excluding) m2vkt21a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_5-14iob6_firmware | * | Up to (excluding) m3gkt3da | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_c5-14imb05_firmware | * | Up to (excluding) o4hkt3ca | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_creator_5-14iob6_firmware | * | Up to (excluding) m3gkt3da | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_g5-14amr05_firmware | * | Up to (excluding) o4zkt2ba | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_g5-14imb05_firmware | * | Up to (excluding) o4hkt3ca | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_gaming_5-14iob6_firmware | * | Up to (excluding) m3gkt3da | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_mini_5-01imh05_firmware | * | Up to (excluding) o4ekt1ba | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | ideacentre_mini_5_01iaq7_firmware | * | Up to (excluding) o53kt10a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | legion_t7-34imz5_firmware | * | Up to (excluding) o5fkt17a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m625q_firmware | * | Up to (excluding) m1wkt52a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m630e_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m70a_firmware | * | Up to (excluding) m2skt29a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m70c_firmware | * | Up to (excluding) m2vkt21a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m70q_firmware | * | Up to (excluding) m2wkt5aa | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m70s_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m70t_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m720q_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m720s_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m720t_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m75n_firmware | * | Up to (excluding) m33kt27a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m75q_gen_2_firmware | * | Up to (excluding) m47kt30a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m75s_gen_2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m75t_gen_2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m80q_firmware | * | Up to (excluding) m2wkt5aa | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m80s_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m80t_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m820z_all-in-one_firmware | * | Up to (excluding) m1nkt62a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m90a_firmware | * | Up to (excluding) m2rkt57a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m90q_tiny_firmware | * | Up to (excluding) m2wkt5aa | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m90s_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m90t_firmware | * | Up to (excluding) m2tkt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m920q_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m920s_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m920t_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m920x_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkcentre_m920z_all-in-one_firmware | * | Up to (excluding) m1mkt56a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkedge_se30_firmware | * | Up to (excluding) m3fkt2da | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p320_workstation_firmware | * | Up to (excluding) s06kt64a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p330_tiny_workstation_firmware | * | Up to (excluding) m1ukt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p330_workstation_2nd_gen_firmware | * | Up to (excluding) m1vkt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p330_workstation_firmware | * | Up to (excluding) m1vkt72a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p340_tiny_workstation_firmware | * | Up to (excluding) m2wkt5aa | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p340_workstation_firmware | * | Up to (excluding) s08kt55a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p348_workstation_firmware | * | Up to (excluding) m3kkt3ba | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p350_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p360_workstation_firmware | * | Up to (excluding) s0ekt45a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p360_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p520c_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p520_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p720_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | thinkstation_p920_workstation_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v30a-22iml_firmware | * | Up to (excluding) m37kt31a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v30a-24iml_firmware | * | Up to (excluding) m37kt31a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50a-22imb_firmware | * | Up to (excluding) m36kt32a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50a-24imb_firmware | * | Up to (excluding) m36kt32a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50s-07imb_firmware | * | Up to (excluding) m2vkt21a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50t-13imb_firmware | * | Up to (excluding) o4hkt3ca | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50t-13imh_firmware | * | Up to (excluding) m4pkt13a | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v50t-13iob_g2_firmware | * | Up to (excluding) m3gkt3da | |||||
| 运行在以下环境 | |||||||||
| 系统 | lenovo | v55t_gen_2_13acn_firmware | * | Up to (excluding) o5jkt23a | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_3-07ada05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_3-07imb05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_5-14iob6 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_c5-14imb05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_creator_5-14iob6 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_g5-14amr05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_g5-14imb05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_gaming_5-14iob6 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_mini_5-01imh05 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | ideacentre_mini_5_01iaq7 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | legion_t7-34imz5 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m625q | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m630e | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m70a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m70c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m70q | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m70s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m70t | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m720q | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m720s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m720t | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m75n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m75q_gen_2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m75s_gen_2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m75t_gen_2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m80q | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m80s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m80t | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m820z_all-in-one | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m90a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m90q_tiny | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m90s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m90t | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m920q | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m920s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m920t | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m920x | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkcentre_m920z_all-in-one | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkedge_se30 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p320_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p330_tiny_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p330_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p330_workstation_2nd_gen | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p340_tiny_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p340_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p348_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p350_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p360_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p520c_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p520_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p720_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | thinkstation_p920_workstation | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v30a-22iml | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v30a-24iml | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50a-22imb | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50a-24imb | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50s-07imb | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50t-13imb | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50t-13imh | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v50t-13iob_g2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | lenovo | v55t_gen_2_13acn | - | - | |||||
- 攻击路径 本地
- 攻击复杂度 低
- 权限要求 高
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 高
- 完整性 高
| CWE-ID | 漏洞类型 |
| CWE-125 | 跨界内存读 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论