Vulnerabilities > CVE-2023-5075 - Unspecified vulnerability in Lenovo Ideapad Duet 3 10Igl5 Firmware Eqcn37Ww

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

lenovo

NVD

Published: 2023-11-08

Updated: 2024-11-21

Summary

A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
OS	Lenovo Lenovo Ideapad Duet 3 10Igl5 Firmware - Lenovo Ideapad Duet 3 10Igl5 Firmware Eqcn37Ww	2
Hardware	Lenovo Lenovo Ideapad Duet 3 10Igl5 -	1

References

https://support.lenovo.com/us/en/product_security/LEN-141775
https://support.lenovo.com/us/en/product_security/LEN-141775