The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.
Lenovo has issued a security advisory uncovering three medium severity vulnerabilities tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892.
- CVE-2022-1890: A buffer overflow has been identified in the ReadyBootDxe driver in some Lenovo notebook products which may allow an attacker with local privileges to execute arbitrary code.
- CVE-2022-1891: A buffer overflow has been identified in the SystemLoadDefaultDxe driver in some Lenovo notebook products which may allow an attacker with local privileges to execute arbitrary code.
- CVE-2022-1892: A buffer overflow has been identified in the SystemBootManagerDxe driver in some Lenovo notebook products which may allow an attacker with local privileges to execute arbitrary code.
The first issue is in the ReadyBootDxe driver used in some Lenovo notebook products, whereas as the last two are buffer overflow bugs in the SystemLoadDefaultDxe driver.
This second driver is used in the Yoga, IdeaPad, Flex, ThinkBook, V14, V15, V130, Slim, S145, S540, and S940 Lenovo lines, impacting over 70 individual models.
An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call.
CVE ID :
CVE-2022-1890
CVE-2022-1891
CVE-2022-1892
Users of impacted devices are highly recommended to update their firmware to the latest version to mitigate potential threats.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment