Vulnerabilities > Lenovo > Thinkpad T14S GEN 3 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-5078 | Unspecified vulnerability in Lenovo products A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware. | 6.7 |
| 2023-10-30 | CVE-2022-48189 | Unspecified vulnerability in Lenovo products An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. | 6.7 |
| 2023-10-30 | CVE-2022-4574 | Unspecified vulnerability in Lenovo products An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. | 6.7 |
| 2023-10-09 | CVE-2022-3728 | Insufficient Physical Protection Mechanism vulnerability in Lenovo products A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | 6.8 |
| 2023-10-09 | CVE-2022-48182 | Insufficient Physical Protection Mechanism vulnerability in Lenovo products A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | 6.8 |
| 2023-10-09 | CVE-2022-48183 | Insufficient Physical Protection Mechanism vulnerability in Lenovo products A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | 6.8 |
| 2023-06-26 | CVE-2023-2290 | Unspecified vulnerability in Lenovo products A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. | 6.7 |