Thinkpad X13 Gen 3 Firmware
CVE-2023-5078
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
AnalysisAI
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware. Affected products include: Lenovo Thinkpad X13 Gen 3 Firmware, Lenovo Thinkpad S2 Yoga Gen 7 Firmware, Lenovo Thinkpad S2 Yoga Gen 6 Firmware, Lenovo Thinkpad S2 Gen 8 Firmware, Lenovo Thinkpad P14S Gen 3 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Thinkpad X13 Gen 3 Firmware
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today