Tuesday, November 5, 2024
HomeCVE/vulnerabilityLenovo Several High-Severity BIOS Vulnerabilities Impacts Hundreds of Devices

Lenovo Several High-Severity BIOS Vulnerabilities Impacts Hundreds of Devices

Published on

Malware protection

Recently, Lenovo’s new BIOS updates fixes the high-severity vulnerabilities impacting hundreds of devices in several models (Desktop, All in One, IdeaCentre, Legion, ThinkCentre, ThinkPad, ThinkAgile, ThinkStation, ThinkSystem).

The potential impact may include Information disclosure, privilege escalation and denial of service.

The List of Vulnerabilities Includes:

  • CVE-2021-28216 – Fixed pointer vulnerability in TianoCore EDK II BIOS that allow an attacker with local access and elevated privileges to execute arbitrary code. TianoCore EDK II is the foundational open source UEFI (BIOS) code used throughout industry in all modern computers.
  • CVE-2022-40134 – Information leak vulnerability found in the SMI Set BIOS Password SMI Handler, allow an attacker with local access and elevated privileges to read SMM memory.
  • CVE-2022-40135 – Information leak vulnerability in the Smart USB Protection SMI Handler, allow an attacker with local access and elevated privileges to read SMM memory.
  • CVE-2022-40136 – Information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models, allow an attacker with local access and elevated privileges to read SMM memory.
  • CVE-2022-40137 – Buffer overflow in the WMI SMI Handler, allow an attacker with local access and elevated privileges to execute arbitrary code.

American Megatrends security enhancements (AMI), no CVE available.

- Advertisement - SIEM as a Service

To Download the Latest Version:

  • Search for your product by name or machine type.
  • Click Drivers & Software on the left menu panel.
  • Click on Manual Update.

Recommendation

According to the Lenovo’s security advisory, “Update system firmware to the version (or newer) indicated for your model”.

The company has fixed the issues in the new BIOS updates for impacted products. Remaining fixes are expected by the end of September and October and few models may receive patches in the upcoming year.

The complete list of the impacted computer models and the BIOS firmware version that addresses the vulnerabilities are included in the ‘Security Advisory’, with links to the download portal for each model.

Download Free SWG – Secure Web Filtering – E-book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Hackers Using AV/EDR Bypass Tool From Cybercrime Forums To Bypass Endpoints

Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to...

Hackers Created 100+ Fake Web Stores To Steal Millions Of Dollars From Customers

The Phish, 'n' Ships fraud operation leverages, compromised websites to redirect users to fake...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Hackers Using AV/EDR Bypass Tool From Cybercrime Forums To Bypass Endpoints

Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to...