Vulnerabilities > CVE-2022-1890 - Out-of-bounds Write vulnerability in Lenovo products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2023-01-26

Updated: 2023-02-03

Summary

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Part	Description	Count
OS	Lenovo Lenovo Thinkbook 14 IML Firmware - Lenovo Thinkbook 14 IIL Firmware - Lenovo Thinkbook 15 IIL Firmware - Lenovo Thinkbook 15 IML Firmware - Lenovo Yoga C640 13Iml LTE Firmware - Lenovo Yoga C640 13Iml Firmware -	6
Hardware	Lenovo Lenovo Thinkbook 14 IML - Lenovo Thinkbook 14 IIL - Lenovo Thinkbook 15 IIL - Lenovo Thinkbook 15 IML - Lenovo Yoga C640 13Iml LTE - Lenovo Yoga C640 13Iml -	6