Vulnerabilities In BIOS Lenovo releases new firmware for many notebooks
Gadgets

Vulnerabilities In BIOS Lenovo releases new firmware for many notebooks

Lenovo A security advisory has been issued by ESET Lenovo for three vulnerabilities in the UEFI firmware. These vulnerabilities are believed to affect over 70 notebooks manufactured by the manufacturer. These security flaws were identified by ESET Lenovo security experts, and are now being updated.

“HTMOBIOS Vulnerabilities ” is the latest security advisory report. It lists the three security flaws CVE-2022-1890 and CVE-2022-1891. The report also recommends that affected users update their UEFI firmware immediately.

More than 70 models are at risk from vulnerabilities
The manufacturer has published a list of more than 70 affected models along with the firmware. These vulnerabilities allow local attackers to execute malicious code during the boot phase of a system’s startup. This was reported by the website Born. and Windows Blog first. Many Yoga, ThinkPad and IdeaPad notebooks are vulnerable to attack.

CVE-2022-1890 A buffer overflow was detected by the ReadyBootDxe driver on some Lenovo notebooks. This could have allowed an attacker with local privileges, to execute arbitrary codes.
CVE-2022-1891 An attacker with local privileges could execute arbitrary code by exploiting a buffer overflow in SystemLoadDefaultDxe in certain Lenovo notebooks.
CVE-2022-1892 An attacker with local privileges could execute arbitrary code by exploiting a buffer overflow in SystemBootManagerDxe drivers in certain Lenovo notebook products.
Lenovo’s security report links directly to the relevant updates to the firmware of affected models. Twitter is where ESET security experts share more information about the security holes via Twitter.

Vulnerabilities In BIOS Lenovo releases new firmware for many notebooks
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top