Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-29470 |
CWE-ID | CWE-284 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
ThinkStation P340 Workstation Hardware solutions / Firmware ThinkStation P330 Workstation Hardware solutions / Firmware ThinkStation P330 Workstation Hardware solutions / Firmware ThinkPad X1 Extreme 3rd Gen 20TL Hardware solutions / Firmware ThinkPad X1 Extreme 3rd Gen 20TK Hardware solutions / Firmware ThinkPad P1 Gen 3 20TJ Hardware solutions / Firmware ThinkPad P1 Gen 3 20TH Hardware solutions / Firmware Lenovo V50t-13IMB Hardware solutions / Firmware ThinkCentre M90t Hardware solutions / Firmware ThinkCentre M90s Hardware solutions / Firmware ThinkCentre M90q Hardware solutions / Firmware ThinkCentre M80t Hardware solutions / Firmware ThinkCentre M80s Hardware solutions / Firmware ThinkCentre M80q Hardware solutions / Firmware ThinkCentre M70t Hardware solutions / Firmware ThinkCentre M70s Hardware solutions / Firmware ThinkCentre M70q Hardware solutions / Firmware ThinkCentre M70q 11E8 Hardware solutions / Firmware ThinkCentre M70a Hardware solutions / Firmware ThinkStation P340 Workstation Hardware solutions / Firmware ThinkPad L13 Yoga Gen 2 20VK s Hardware solutions / Firmware ThinkPad L13 Yoga Gen 2 20VL s Hardware solutions / Firmware ThinkPad L13 Gen 2 20VJ s Hardware solutions / Firmware ThinkPad L13 Gen 2 20VH s Hardware solutions / Firmware Yoga Slim 7 Carbon 13IRP8 Hardware solutions / Firmware Yoga Slim 6 14IRP8 Hardware solutions / Firmware Yoga Slim 6 14IRH8 Hardware solutions / Firmware Yoga Slim 6 14IAP8 Hardware solutions / Firmware Yoga Pro 9 16IRP8 Hardware solutions / Firmware Yoga Pro 9 14IRP8 Hardware solutions / Firmware Yoga Book 9 13IRU8 Hardware solutions / Firmware ideapad Yoga 9-14ITL5 Hardware solutions / Firmware Lenovo V17 G2-ITL Hardware solutions / Firmware Lenovo V15 G2-ITL Hardware solutions / Firmware Lenovo V14 G2-ITL Hardware solutions / Firmware ThinkBook 16p G4 IRH Hardware solutions / Firmware ThinkBook 16 G6 IRL Hardware solutions / Firmware ThinkBook 15 G5 IRL Hardware solutions / Firmware ThinkBook 15 G4 IAP Hardware solutions / Firmware ThinkBook 15 G3 ITL Hardware solutions / Firmware ThinkBook 15 G2 ITL Hardware solutions / Firmware ThinkBook 14s Yoga ITL Hardware solutions / Firmware ThinkBook 14s Yoga G3 IRU Hardware solutions / Firmware ThinkBook 14s Yoga G2 IAP Hardware solutions / Firmware ThinkBook 14 G6 IRL Hardware solutions / Firmware ThinkBook 14 G5 IRL Hardware solutions / Firmware ThinkBook 14 G4 IAP Hardware solutions / Firmware ThinkBook 14 G3 ITL Hardware solutions / Firmware ThinkBook 14 G2 ITL Hardware solutions / Firmware ThinkBook 13x G2 IAP Hardware solutions / Firmware LOQ 16IRH8 Hardware solutions / Firmware LOQ 15IRH8 Hardware solutions / Firmware Lenovo V17 G3 IAP Hardware solutions / Firmware Lenovo V15 G3 IAP Hardware solutions / Firmware Lenovo V15 G3 IAP CTO Hardware solutions / Firmware Lenovo V14 G3 IAP Hardware solutions / Firmware Lenovo Slim Pro 9 16IRP8 Hardware solutions / Firmware Lenovo Slim Pro 9 14IRP8 Hardware solutions / Firmware Lenovo Slim 7 Carbon 13IRP8 Hardware solutions / Firmware Lenovo Slim 7 14IRP8 Hardware solutions / Firmware Lenovo S14 G3 IAP Hardware solutions / Firmware Lenovo S14 G2 ITL Hardware solutions / Firmware Lenovo Flex 7 14IRU8 Hardware solutions / Firmware Legion Slim 5 16IRH8 Hardware solutions / Firmware Legion S7 16IRH8 Hardware solutions / Firmware Lenovo Legion S7 16IAH7 Hardware solutions / Firmware Legion 7 16IAX7 Hardware solutions / Firmware ideapad L3-15ITL6 Hardware solutions / Firmware K14 G2 IRU Hardware solutions / Firmware IdeaPad Slim 5 16IRL8 Hardware solutions / Firmware IdeaPad Slim 5 14IRL8 Hardware solutions / Firmware IdeaPad Slim 3 16IRU8 Hardware solutions / Firmware IdeaPad Slim 3 16IRH8 Hardware solutions / Firmware IdeaPad Slim 3 16IAH8 Hardware solutions / Firmware IdeaPad Slim 3 15IRU8 Hardware solutions / Firmware IdeaPad Slim 3 15IRH8 Hardware solutions / Firmware IdeaPad Slim 3 15IAH8 Hardware solutions / Firmware IdeaPad Slim 3 14IRU8 Hardware solutions / Firmware IdeaPad Slim 3 14IRH8 Hardware solutions / Firmware IdeaPad Slim 3 14IAH8 Hardware solutions / Firmware IdeaPad Pro 5 16IRH8 Hardware solutions / Firmware IdeaPad Gaming 3-15IHU6 Hardware solutions / Firmware IdeaPad Gaming 3 16IAH7 Hardware solutions / Firmware IdeaPad Gaming 3 15IAH7 Hardware solutions / Firmware IdeaPad Flex 5 16IRU8 Hardware solutions / Firmware IdeaPad Flex 5 14IRU8 Hardware solutions / Firmware Ideapad 5-15ITL05 Hardware solutions / Firmware IdeaPad 5-14ITL05 Hardware solutions / Firmware ideapad 5 Pro-14ITL6 Hardware solutions / Firmware IdeaPad 3-17ITL6 Hardware solutions / Firmware ideapad 3-15ITL6 Hardware solutions / Firmware ideapad 3-14ITL6 Hardware solutions / Firmware IdeaPad 3 17IAU7 Hardware solutions / Firmware IdeaPad 3 15IAU7 Hardware solutions / Firmware IdeaPad 3 14IAU7 Hardware solutions / Firmware IdeaPad 1 15IAU7 Hardware solutions / Firmware IdeaPad 1 14IAU7 Hardware solutions / Firmware IdeaPad Slim 5 16IAH8 Hardware solutions / Firmware IdeaPad Slim 5 14IAH8 Hardware solutions / Firmware Lenovo E41-50 Hardware solutions / Firmware |
Vendor | Lenovo |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU79422
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29470
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and gain elevated privileges on the system.
MitigationInstall update from vendor's website when available.
Vulnerable software versionsThinkStation P340 Workstation: All versions
ThinkStation P330 Workstation: All versions
ThinkStation P330 Workstation: All versions
ThinkPad X1 Extreme 3rd Gen 20TL: All versions
ThinkPad X1 Extreme 3rd Gen 20TK: All versions
ThinkPad P1 Gen 3 20TJ: All versions
ThinkPad P1 Gen 3 20TH: All versions
Lenovo V50t-13IMB: All versions
ThinkCentre M90t: All versions
ThinkCentre M90s: All versions
ThinkCentre M90q: All versions
ThinkCentre M80t: All versions
ThinkCentre M80s: All versions
ThinkCentre M80q: All versions
ThinkCentre M70t: All versions
ThinkCentre M70s: All versions
ThinkCentre M70q: All versions
ThinkCentre M70q 11E8: All versions
ThinkCentre M70a: All versions
ThinkStation P340 Workstation: All versions
ThinkPad L13 Yoga Gen 2 20VK s: before 8.7.10600.20700
ThinkPad L13 Yoga Gen 2 20VL s: before 8.7.10600.20700
ThinkPad L13 Gen 2 20VJ s: before 8.7.10600.20700
ThinkPad L13 Gen 2 20VH s: before 8.7.10600.20700
Yoga Slim 7 Carbon 13IRP8: before 9.0.11101.30293
Yoga Slim 6 14IRP8: before 9.0.11200.30652
Yoga Slim 6 14IRH8: before 9.0.11200.30652
Yoga Slim 6 14IAP8: before 9.0.11000.27915
Yoga Pro 9 16IRP8: before 9.0.11101.30293
Yoga Pro 9 14IRP8: before 9.0.11200.30652
Yoga Book 9 13IRU8: before 9.0.11101.30293
ideapad Yoga 9-14ITL5: before 8.7.10700.22502
Lenovo V17 G2-ITL: before 8.7.10700.22502
Lenovo V15 G2-ITL: before 8.7.10700.22502
Lenovo V14 G2-ITL: before 8.7.10700.22502
ThinkBook 16p G4 IRH: before 9.0.11200.30652
ThinkBook 16 G6 IRL: before 9.0.11202.31222
ThinkBook 15 G5 IRL: before 9.0.11200.30652
ThinkBook 15 G4 IAP: before 9.0.10709.26568
ThinkBook 15 G3 ITL: before 8.7.10700.22502
ThinkBook 15 G2 ITL: before 8.7.10700.22502
ThinkBook 14s Yoga ITL: before 8.7.10700.22502
ThinkBook 14s Yoga G3 IRU: before 9.0.11200.30652
ThinkBook 14s Yoga G2 IAP: before 9.0.10709.26568
ThinkBook 14 G6 IRL: before 9.0.11202.31222
ThinkBook 14 G5 IRL: before 9.0.11200.30652
ThinkBook 14 G4 IAP: before 9.0.10709.26568
ThinkBook 14 G3 ITL: before 8.7.10700.22502
ThinkBook 14 G2 ITL: before 8.7.10700.22502
ThinkBook 13x G2 IAP: before 9.0.11202.31222
LOQ 16IRH8: before 9.0.11101.30293
LOQ 15IRH8: before 9.0.11101.30293
Lenovo V17 G3 IAP: before 9.0.11202.31222
Lenovo V15 G3 IAP: before 9.0.11202.31222
Lenovo V15 G3 IAP CTO: before 9.0.11202.31222
Lenovo V14 G3 IAP: before 9.0.11202.31222
Lenovo Slim Pro 9 16IRP8: before 9.0.11101.30293
Lenovo Slim Pro 9 14IRP8: before 9.0.11200.30652
Lenovo Slim 7 Carbon 13IRP8: before 9.0.11101.30293
Lenovo Slim 7 14IRP8: before 9.0.11200.30652
Lenovo S14 G3 IAP: before 9.0.11202.31222
Lenovo S14 G2 ITL: before 8.7.10700.22502
Lenovo Flex 7 14IRU8: before 9.0.11202.31222
Legion Slim 5 16IRH8: before 9.0.11101.30293
Legion S7 16IRH8: before 9.0.11101.30293
Lenovo Legion S7 16IAH7: before 9.0.11000.27915
Legion 7 16IAX7: before 9.0.10709.26568
ideapad L3-15ITL6: before 8.7.10700.22502_21H2
K14 G2 IRU: before 9.0.11202.31222
IdeaPad Slim 5 16IRL8: before 9.0.11101.30293
IdeaPad Slim 5 14IRL8: before 9.0.11101.30293
IdeaPad Slim 3 16IRU8: before 9.0.11200.30652
IdeaPad Slim 3 16IRH8: before 9.0.11200.30652
IdeaPad Slim 3 16IAH8: before 9.0.11200.30652
IdeaPad Slim 3 15IRU8: before 9.0.11200.30652
IdeaPad Slim 3 15IRH8: before 9.0.11200.30652
IdeaPad Slim 3 15IAH8: before 9.0.11200.30652
IdeaPad Slim 3 14IRU8: before 9.0.11200.30652
IdeaPad Slim 3 14IRH8: before 9.0.11200.30652
IdeaPad Slim 3 14IAH8: before 9.0.11200.30652
IdeaPad Pro 5 16IRH8: before 9.0.11200.30652
IdeaPad Gaming 3-15IHU6: before 8.7.10700.22502
IdeaPad Gaming 3 16IAH7: before 9.0.11000.27915
IdeaPad Gaming 3 15IAH7: before 9.0.11000.27915
IdeaPad Flex 5 16IRU8: before 9.0.11202.31222
IdeaPad Flex 5 14IRU8: before 9.0.11202.31222
Ideapad 5-15ITL05: before 8.7.10700.22502
IdeaPad 5-14ITL05: before 8.7.10700.22502
ideapad 5 Pro-14ITL6: before 8.7.10700.22502
IdeaPad 3-17ITL6: before 8.7.10700.22502
ideapad 3-15ITL6: before 8.7.10700.22502
ideapad 3-14ITL6: before 8.7.10700.22502
IdeaPad 3 17IAU7: before 9.0.11202.31222
IdeaPad 3 15IAU7: before 9.0.11202.31222
IdeaPad 3 14IAU7: before 9.0.11202.31222
IdeaPad 1 15IAU7: before 9.0.11202.31222
IdeaPad 1 14IAU7: before 9.0.11202.31222
IdeaPad Slim 5 16IAH8: before 9.0.11101.30293
IdeaPad Slim 5 14IAH8: before 9.0.11101.30293
Lenovo E41-50: before 8.7.10401.16510
CPE2.3http://support.lenovo.com/us/en/product_security/LEN-140527
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.