CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

lenovo

yoga_7-14itl5_firmware

5 known vulnerabilities · sorted by CVSS score

CVE-2022-3744

MEDIUM6.7

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

lenovo / ideapad_1_14iau7_firmware+86

Local

Published Aug 23, 2023

CVE-2022-3742

MEDIUM6.7

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.

lenovo / ideapad_1_14iau7_firmware+86

Local

Published Aug 23, 2023

CVE-2022-3746

MEDIUM6.7

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.

lenovo / ideapad_1_14iau7_firmware+86

Local

Published Aug 23, 2023

CVE-2022-3743

MEDIUM4.4

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.

lenovo / ideapad_1_14iau7_firmware+86

Local

Published Aug 23, 2023

CVE-2022-3745

MEDIUM4.4

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.

lenovo / ideapad_1_14iau7_firmware+86

Local

Published Aug 23, 2023