CVE-2022-1107
6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lenovo | ThinkPad BIOS | various | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.