New UEFI firmware flaws impact over 70 Lenovo laptop models
2022-07-13 16:15

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.

Lenovo has issued a security advisory disclosing three medium severity vulnerabilities tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892.

The first is an issue in the ReadyBootDxe driver used in some Lenovo notebook products, while the last two are buffer overflow bugs in the SystemLoadDefaultDxe driver.

To help the cybersecurity community identify and fix similar issues, ESET submitted code improvements to Binarly's UEFI firmware analyzer 'efiXplorer,' which is freely available on GitHub.

UEFI firmware attacks are extremely dangerous because they enable threat actors to run malware early in an operating system's boot process, even before Windows built-in security protections are activated.

If you have trouble determining what model you're using, Lenovo offers an automatic online detector that you can use instead.


News URL

https://www.bleepingcomputer.com/news/security/new-uefi-firmware-flaws-impact-over-70-lenovo-laptop-models/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-1892 | Classic Buffer Overflow vulnerability in Lenovo products. A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. (local, low complexity, lenovo, CWE-120) | 7.8 |
| 2023-01-26 | CVE-2022-1891 | Classic Buffer Overflow vulnerability in Lenovo products. A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. (local, low complexity, lenovo, CWE-120) | 7.8 |
| 2023-01-26 | CVE-2022-1890 | Out-of-bounds Write vulnerability in Lenovo products. A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. (local, low complexity, lenovo, CWE-787) | 7.8 |

Related vendor

| VENDOR | LAST 12M | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|---|
| Lenovo | | 3010 | 32 | 208 | 111 | 16 | 367 |