CVE-2022-3728

Summary

A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.

Affected Software

VendorProductVersion RangeStatus
LenovoThinkPad T14s Gen 3 BIOS< 1.30 (R22ET60W)affected
LenovoThinkPad X13 Gen3 BIOS< 1.30 (R22ET60W)affected

Weaknesses

  • CWE-1263: CWE-1263: Improper Physical Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References