Microsoft Windows update for Lenovo products
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-23594 CVE-2024-23593 |
| CWE-ID | CWE-121 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU88431
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23594
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to a boundary error in LenovoBT.efi within System Recovery Bootloader. A remote administrator on the local network can trigger stack-based buffer overflow and bypass Secure Boot.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 S - 11
Windows Server: 2019 10.0.17763.1 - 2022 23H2
CPE2.3- cpe:2.3:o:microsoft:windows:10:S:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10:Mobile:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10:Gold:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_21H1:10.0.19043.985:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.1288:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.2130:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.16405:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1511:10.0.10586.3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-23594
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU88432
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23593
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user can gain elevated privileges.
The vulnerability exists due to a boundary error in System Recovery Bootloader. A local user can modify the boot manager and escalate privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 S - 11
Windows Server: 2019 10.0.17763.1 - 2022 23H2
CPE2.3- cpe:2.3:o:microsoft:windows:10:S:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10:Mobile:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10:Gold:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_20H2:10.0.19042.572:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_21H1:10.0.19043.985:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_21H2:10.0.19044.1288:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_22H2:10.0.19045.2130:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1507:10.0.10240.16405:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1511:10.0.10586.3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1607:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1703:10.0.15063.138:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2022:23H2:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-23593
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
