Skip to main content

Thinkcentre Neo 70T Gen 3 Firmware

15 CVEs product

Monthly

CVE-2023-43581 MEDIUM This Month

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43580 MEDIUM This Month

A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43579 MEDIUM This Month

A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43578 MEDIUM This Month

A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43577 MEDIUM This Month

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43576 MEDIUM This Month

A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43575 MEDIUM This Month

A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43574 MEDIUM This Month

A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware Ideacentre 3 07Imb05 Firmware +108
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-43573 MEDIUM This Month

A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43572 MEDIUM This Month

A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware Ideacentre 3 07Imb05 Firmware +108
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-43571 MEDIUM This Month

A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43570 MEDIUM This Month

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware Ideacentre 3 07Imb05 Firmware Ideacentre 5 14Iab7 Firmware +107
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43569 MEDIUM This Month

A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-43568 MEDIUM This Month

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware Ideacentre 3 07Imb05 Firmware +108
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2023-43567 MEDIUM This Month

A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
CVSS 3.1
6.7
EPSS
0.2%
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the UltraFunctionTable module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware +110
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware +110
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Ideacentre C5 14Imb05 Firmware Ideacentre 3 07Ada05 Firmware +109
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A buffer over-read was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Lenovo Ideacentre C5 14Imb05 Firmware +110
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Lenovo +111
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy