Vulnerabilities > Lenovo > Ideapad 5 15Ial7 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-23 CVE-2022-3742 Classic Buffer Overflow vulnerability in Lenovo products
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.
local
low complexity
lenovo CWE-120
6.7
2023-08-23 CVE-2022-3743 Information Exposure vulnerability in Lenovo products
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.
local
low complexity
lenovo CWE-200
4.4
2023-08-23 CVE-2022-3744 Use of Hard-coded Credentials vulnerability in Lenovo products
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.
local
low complexity
lenovo CWE-798
6.7
2023-08-23 CVE-2022-3745 Information Exposure vulnerability in Lenovo products
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.
local
low complexity
lenovo CWE-200
4.4
2023-08-23 CVE-2022-3746 Improper Access Control vulnerability in Lenovo products
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.
local
low complexity
lenovo CWE-284
6.7