Vulnerabilities > Lenovo > Ideapad Y700 14Isk Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2022-3432 Incorrect Default Permissions vulnerability in Lenovo Ideapad Y700-14Isk Firmware
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
local
low complexity
lenovo CWE-276
6.7