Vulnerabilities > CVE-2022-4573 - Unspecified vulnerability in Lenovo Thinkpad X1 Fold GEN 1 Firmware

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

lenovo

NVD

Published: 2023-10-30

Updated: 2023-11-04

Summary

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
OS	Lenovo Lenovo Thinkpad X1 Fold GEN 1 Firmware -	1
Hardware	Lenovo Lenovo Thinkpad X1 Fold GEN 1 -	1

References

https://support.lenovo.com/us/en/product_security/LEN-106014