Lenovo V15 G5 Irl Bios
Monthly
Lenovo BIOS firmware across dozens of consumer and gaming laptop models - Legion, IdeaPad, Yoga, ThinkBook, LOQ, and V-series - contains a missing authentication flaw in the WMI-to-SMI interface that permits a local privileged attacker to arbitrarily trigger System Management Interrupt handlers, enabling execution at the SMM firmware level below the operating system security boundary. No public exploit code has been identified at time of analysis, and CISA KEV listing is not confirmed. The practical threat is post-compromise firmware persistence: an attacker already holding OS-level administrative privileges could use this flaw to manipulate firmware behavior in ways invisible to endpoint security tools, bypassing Secure Boot or implanting persistent code in System Management Mode.
Out-of-bounds write in Lenovo BIOS firmware across dozens of consumer and gaming laptop models enables a local attacker with high OS-level privileges to execute arbitrary code in System Management Mode (SMM) - a CPU execution context operating below the operating system and hypervisor with access to all system memory. Successful exploitation allows persistent firmware-level implants that survive OS reinstallation and defeat Secure Boot and standard endpoint detection tools. No public exploit has been identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, SMM code execution represents one of the highest-impact firmware attack primitives available to an advanced threat actor.
SMM memory address disclosure in Lenovo laptop BIOS firmware exposes the location of protected System Management Mode (SMRAM) regions to a local privileged attacker. Dozens of Lenovo consumer, gaming, and business laptop product lines are affected across IdeaPad, Legion, Yoga, ThinkBook, LOQ, and V-series models. While the direct impact is confidentiality-only, SMRAM address disclosure is a classic prerequisite step in firmware-level attack chains that seek to bypass address-space protections and ultimately plant persistent SMM rootkits. No public exploit has been identified at time of analysis, and exploitation is not confirmed in CISA KEV.
Out-of-bounds write in Lenovo BIOS firmware across dozens of consumer and gaming laptop models enables a local privileged attacker to corrupt power management settings within System Management Mode, a CPU execution context operating below the OS kernel at Ring -2. Successful exploitation could allow persistent firmware-level tampering that survives OS reinstalls and reboots. No public exploit has been identified at time of analysis, and exploitation requires pre-existing high OS-level privileges, substantially limiting real-world risk to post-compromise scenarios.
Lenovo BIOS firmware across dozens of consumer and gaming laptop models - Legion, IdeaPad, Yoga, ThinkBook, LOQ, and V-series - contains a missing authentication flaw in the WMI-to-SMI interface that permits a local privileged attacker to arbitrarily trigger System Management Interrupt handlers, enabling execution at the SMM firmware level below the operating system security boundary. No public exploit code has been identified at time of analysis, and CISA KEV listing is not confirmed. The practical threat is post-compromise firmware persistence: an attacker already holding OS-level administrative privileges could use this flaw to manipulate firmware behavior in ways invisible to endpoint security tools, bypassing Secure Boot or implanting persistent code in System Management Mode.
Out-of-bounds write in Lenovo BIOS firmware across dozens of consumer and gaming laptop models enables a local attacker with high OS-level privileges to execute arbitrary code in System Management Mode (SMM) - a CPU execution context operating below the operating system and hypervisor with access to all system memory. Successful exploitation allows persistent firmware-level implants that survive OS reinstallation and defeat Secure Boot and standard endpoint detection tools. No public exploit has been identified at time of analysis, and this vulnerability is not listed in CISA KEV; however, SMM code execution represents one of the highest-impact firmware attack primitives available to an advanced threat actor.
SMM memory address disclosure in Lenovo laptop BIOS firmware exposes the location of protected System Management Mode (SMRAM) regions to a local privileged attacker. Dozens of Lenovo consumer, gaming, and business laptop product lines are affected across IdeaPad, Legion, Yoga, ThinkBook, LOQ, and V-series models. While the direct impact is confidentiality-only, SMRAM address disclosure is a classic prerequisite step in firmware-level attack chains that seek to bypass address-space protections and ultimately plant persistent SMM rootkits. No public exploit has been identified at time of analysis, and exploitation is not confirmed in CISA KEV.
Out-of-bounds write in Lenovo BIOS firmware across dozens of consumer and gaming laptop models enables a local privileged attacker to corrupt power management settings within System Management Mode, a CPU execution context operating below the OS kernel at Ring -2. Successful exploitation could allow persistent firmware-level tampering that survives OS reinstalls and reboots. No public exploit has been identified at time of analysis, and exploitation requires pre-existing high OS-level privileges, substantially limiting real-world risk to post-compromise scenarios.