A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
History

Tue, 08 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Lenovo flex 7 14iau7 Firmware
Lenovo ideapad 5-14alc05
Lenovo ideapad 5-15alc05
CPEs cpe:2.3:h:lenovo:ideapad_5-14alc05:-:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:ideapad_5-15alc05:-:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:flex_7_14iau7_firmware:*:*:*:*:*:*:*:*
Vendors & Products Lenovo flex 7 14iau7 Firmware
Lenovo ideapad 5-14alc05
Lenovo ideapad 5-15alc05
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: lenovo

Published: 2023-08-17T16:48:06.884Z

Updated: 2024-10-08T13:50:36.650Z

Reserved: 2023-07-31T16:44:11.696Z

Link: CVE-2023-4028

cve-icon Vulnrichment

Updated: 2024-08-02T07:17:11.498Z

cve-icon NVD

Status : Modified

Published: 2023-08-17T17:15:10.217

Modified: 2024-11-21T08:34:15.500

Link: CVE-2023-4028

cve-icon Redhat

No data.