CVE-2022-3431

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lenovo Notebook devices (affected versions not specified)

Description A potential issue in a driver used during the manufacturing process on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot settings by modifying an NVRAM variable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2022-3431

Affected Products

Lenovo Notebook

CVE-2022-3431

Weakness Enumeration

Related Identifiers

Affected Products

References · 7