Risk | Low |
Patch available | NO |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2023-22614 CVE-2023-22616 CVE-2023-22613 CVE-2023-22615 CVE-2023-22612 CVE-2022-24350 |
CWE-ID | CWE-119 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
ideapad D330-10IGL Hardware solutions / Firmware IdeaPad 1 14IAU7 Hardware solutions / Firmware IdeaPad 1 15IAU7 Hardware solutions / Firmware IdeaPad 3 14IAU7 Hardware solutions / Firmware IdeaPad 3 15IAU7 Hardware solutions / Firmware IdeaPad 3 17IAU7 Hardware solutions / Firmware IdeaPad 3-14ARE05 Hardware solutions / Firmware IdeaPad 3-15ARE05 Hardware solutions / Firmware IdeaPad 3-17ARE05 Hardware solutions / Firmware IdeaPad 3-17ITL6 Hardware solutions / Firmware IdeaPad 5 14IAL7 Hardware solutions / Firmware IdeaPad 5 15IAL7 Hardware solutions / Firmware IdeaPad 5 Pro 14IAP7 Hardware solutions / Firmware IdeaPad 5 Pro 16IAH7 Hardware solutions / Firmware IdeaPad 5-14ITL05 Hardware solutions / Firmware IdeaPad Duet 3 10IGL5 Hardware solutions / Firmware IdeaPad Duet 5 12IAU7 Hardware solutions / Firmware IdeaPad Gaming 3 15IAH7 Hardware solutions / Firmware IdeaPad Gaming 3 16IAH7 Hardware solutions / Firmware IdeaPad Gaming 3-15IHU6 Hardware solutions / Firmware ideapad L3-15ITL6 Hardware solutions / Firmware Lenovo Legion 5 15IAH7 Hardware solutions / Firmware Lenovo Legion 5 15IAH7H Hardware solutions / Firmware Lenovo Legion 5 Pro 16IA H7 Hardware solutions / Firmware Lenovo Legion 5 Pro 16IAH7H Hardware solutions / Firmware Lenovo Legion 5 Pro-16ITH6 Hardware solutions / Firmware Lenovo Legion 5 Pro-16ITH6H Hardware solutions / Firmware Lenovo Legion 5-15ITH6 Hardware solutions / Firmware Lenovo Legion 5-15ITH6H Hardware solutions / Firmware Lenovo Legion 5-17ITH6 Hardware solutions / Firmware Lenovo Legion 5-17ITH6H Hardware solutions / Firmware Legion 7 16IAX7 Hardware solutions / Firmware Lenovo Legion 7-16ITHg6 Hardware solutions / Firmware Lenovo Legion S7 16IAH7 Hardware solutions / Firmware Lenovo S14 G2 ITL Hardware solutions / Firmware Lenovo S14 G3 IAP Hardware solutions / Firmware Lenovo Slim 7 14IAP7 Hardware solutions / Firmware Lenovo Slim 7 14IRP8 Hardware solutions / Firmware Lenovo Slim 7 Carbon 13IAP7 Hardware solutions / Firmware Lenovo Slim 7 Carbon 13IRP8 Hardware solutions / Firmware Lenovo Slim 7 ProX 14IAH7 Hardware solutions / Firmware Lenovo Slim 9 14IAP7 Hardware solutions / Firmware Lenovo V14 G3 IAP Hardware solutions / Firmware Lenovo V15 G3 IAP Hardware solutions / Firmware Lenovo V17 G3 IAP Hardware solutions / Firmware ideapad S540-13ARE Hardware solutions / Firmware ideapad S540-13ITL Hardware solutions / Firmware Lenovo Slim 7 16IAH7 Hardware solutions / Firmware IdeaPad Slim 7 Pro-14IHU5 Hardware solutions / Firmware ideapad Slim 7-14ARE05 Hardware solutions / Firmware ideapad Slim 7-14ITL05 Hardware solutions / Firmware ideapad Slim 7-15ITL05 Hardware solutions / Firmware ThinkBook 13x ITG Hardware solutions / Firmware ThinkBook 14 G2 ITL Hardware solutions / Firmware ThinkBook 14 G3 ITL Hardware solutions / Firmware ThinkBook 14 G4 IAP Hardware solutions / Firmware ThinkBook 14 G4+ IAP Hardware solutions / Firmware ThinkBook 14s Yoga G2 IAP Hardware solutions / Firmware ThinkBook 14s Yoga ITL Hardware solutions / Firmware ThinkBook 15 G2 ITL Hardware solutions / Firmware ThinkBook 15 G3 ITL Hardware solutions / Firmware ThinkBook 15 G4 IAP Hardware solutions / Firmware ThinkBook 15P G2 ITH Hardware solutions / Firmware ThinkBook 16 G4+ IAP Hardware solutions / Firmware ThinkBook Plus G2 ITG Hardware solutions / Firmware ThinkBook Plus G3 IAP Hardware solutions / Firmware Lenovo V14 G2-ITL Hardware solutions / Firmware Len ovo V14-ARE Hardware solutions / Firmware Lenovo V15 G2-ITL Hardware solutions / Firmware Lenovo V17 G2-ITL Hardware solutions / Firmware Yoga 7 14IAL7 Hardware solutions / Firmware Yoga 7 16IAH7 Hardware solutions / Firmware IdeaPad Yoga 7 16IAP7 Hardware solutions / Firmware ideapad Yoga 7-14ITL5 Hardware solutions / Firmware ideapad Yoga 7-15ITL5 Hardware solutions / Firmware IdeaPad Yoga 9 14IAP7 Hardware solutions / Firmware Yoga 9 14IRP8 Hardware solutions / Firmware Yoga Duet 7-13IML05 Hardware solutions / Firmware Yoga Duet 7-13ITL6 Hardware solutions / Firmware Yoga Duet 7-13ITL6-L TE Hardware solutions / Firmware Yoga Slim 6 14IAP8 Hardware solutions / Firmware Yoga Slim 6 14IRP8 Hardware solutions / Firmware Yoga Slim 7 Carbon 13IAP7 Hardware solutions / Firmware Yoga Slim 7 Carbon 13IRP8 Hardware solutions / Firmware ideapad Yoga Slim 7 Carbon 13ITL5 Hardware solutions / Firmware Yoga Slim 7 Pro 14IAH7 Hardware solutions / Firmware IdeaPad Yoga Slim 7 Pro 14IAP7 Hardware solutions / Firmware IdeaPad Yoga Slim 7 Pro 16IAH7 Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-1 4IHU5 Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14IHU5 O Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14ITL5 Hardware solutions / Firmware Yoga Slim 7 ProX 14IAH7 Hardware solutions / Firmware ideapad Yoga Slim 7-13ITL05 Hardware solutions / Firmware ideapad Yoga Slim 7-14ARE05 Hardware solutions / Firmware ideapad Yoga Slim 7-14ITL05 Hardware solutions / Firmware ideapad Yoga Slim 7-15ITL05 Hardware solutions / Firmware Yoga Slim 9 14IAP7 Hardware solutions / Firmware ideapad 3-14 ITL05 Hardware solutions / Firmware ideapad 3-14ITL6 Hardware solutions / Firmware ideapad 3-15ITL05 Hardware solutions / Firmware ideapad 3-15ITL6 Hardware solutions / Firmware ideapad 5 Pro-14ITL6 Hardware solutions / Firmware ideapad 5 Pro-16IHU6 Hardware solutions / Firmware ideapad 5-15ARE05 Hardware solutions / Firmware |
Vendor | Lenovo |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU75023
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-22614
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75024
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-22616
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75025
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-22613
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75026
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-22615
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75027
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-22612
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75028
Risk: Low
CVSSv3.1: 8.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-24350
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Insyde BIOS code. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
The vendor plans to release patches in August 2023.
ideapad D330-10IGL: All versions
IdeaPad 1 14IAU7: All versions
IdeaPad 1 15IAU7: All versions
IdeaPad 3 14IAU7: All versions
IdeaPad 3 15IAU7: All versions
IdeaPad 3 17IAU7: All versions
IdeaPad 3-14ARE05: All versions
IdeaPad 3-15ARE05: All versions
IdeaPad 3-17ARE05: All versions
IdeaPad 3-17ITL6: All versions
IdeaPad 5 14IAL7: All versions
IdeaPad 5 15IAL7: All versions
IdeaPad 5 Pro 14IAP7: All versions
IdeaPad 5 Pro 16IAH7: All versions
IdeaPad 5-14ITL05: All versions
IdeaPad Duet 3 10IGL5: All versions
IdeaPad Duet 5 12IAU7: All versions
IdeaPad Gaming 3 15IAH7: All versions
IdeaPad Gaming 3 16IAH7: All versions
IdeaPad Gaming 3-15IHU6: All versions
ideapad L3-15ITL6: All versions
Lenovo Legion 5 15IAH7: All versions
Lenovo Legion 5 15IAH7H: All versions
Lenovo Legion 5 Pro 16IA H7: All versions
Lenovo Legion 5 Pro 16IAH7H: All versions
Lenovo Legion 5 Pro-16ITH6: All versions
Lenovo Legion 5 Pro-16ITH6H: All versions
Lenovo Legion 5-15ITH6: All versions
Lenovo Legion 5-15ITH6H: All versions
Lenovo Legion 5-17ITH6: All versions
Lenovo Legion 5-17ITH6H: All versions
Legion 7 16IAX7: All versions
Lenovo Legion 7-16ITHg6: All versions
Lenovo Legion S7 16IAH7: All versions
Lenovo S14 G2 ITL: All versions
Lenovo S14 G3 IAP: All versions
Lenovo Slim 7 14IAP7: All versions
Lenovo Slim 7 14IRP8: All versions
Lenovo Slim 7 Carbon 13IAP7: All versions
Lenovo Slim 7 Carbon 13IRP8: All versions
Lenovo Slim 7 ProX 14IAH7: All versions
Lenovo Slim 9 14IAP7: All versions
Lenovo V14 G3 IAP: All versions
Lenovo V15 G3 IAP: All versions
Lenovo V17 G3 IAP: All versions
ideapad S540-13ARE: All versions
ideapad S540-13ITL: All versions
Lenovo Slim 7 16IAH7: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad Slim 7-14ARE05: All versions
ideapad Slim 7-14ITL05: All versions
ideapad Slim 7-15ITL05: All versions
ThinkBook 13x ITG: All versions
ThinkBook 14 G2 ITL: All versions
ThinkBook 14 G3 ITL: All versions
ThinkBook 14 G4 IAP: All versions
ThinkBook 14 G4+ IAP: All versions
ThinkBook 14s Yoga G2 IAP: All versions
ThinkBook 14s Yoga ITL: All versions
ThinkBook 15 G2 ITL: All versions
ThinkBook 15 G3 ITL: All versions
ThinkBook 15 G4 IAP: All versions
ThinkBook 15P G2 ITH: All versions
ThinkBook 16 G4+ IAP: All versions
ThinkBook Plus G2 ITG: All versions
ThinkBook Plus G3 IAP: All versions
Lenovo V14 G2-ITL: All versions
Len ovo V14-ARE: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V17 G2-ITL: All versions
Yoga 7 14IAL7: All versions
Yoga 7 16IAH7: All versions
IdeaPad Yoga 7 16IAP7: All versions
ideapad Yoga 7-14ITL5: All versions
ideapad Yoga 7-15ITL5: All versions
IdeaPad Yoga 9 14IAP7: All versions
Yoga 9 14IRP8: All versions
Yoga Duet 7-13IML05: All versions
Yoga Duet 7-13ITL6: All versions
Yoga Duet 7-13ITL6-L TE: All versions
Yoga Slim 6 14IAP8: All versions
Yoga Slim 6 14IRP8: All versions
Yoga Slim 7 Carbon 13IAP7: All versions
Yoga Slim 7 Carbon 13IRP8: All versions
ideapad Yoga Slim 7 Carbon 13ITL5: All versions
Yoga Slim 7 Pro 14IAH7: All versions
IdeaPad Yoga Slim 7 Pro 14IAP7: All versions
IdeaPad Yoga Slim 7 Pro 16IAH7: All versions
ideapad Yoga Slim 7 Pro-1 4IHU5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
Yoga Slim 7 ProX 14IAH7: All versions
ideapad Yoga Slim 7-13ITL05: All versions
ideapad Yoga Slim 7-14ARE05: All versions
ideapad Yoga Slim 7-14ITL05: All versions
ideapad Yoga Slim 7-15ITL05: All versions
Yoga Slim 9 14IAP7: All versions
ideapad 3-14 ITL05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15ITL6: All versions
ideapad 5 Pro-14ITL6: All versions
ideapad 5 Pro-16IHU6: All versions
ideapad 5-15ARE05: All versions
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-115634
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.