Lenovo warns of UEFI/BIOS vulnerability

Stefan Mileschin · 15th July 2022, 08:38

On 70 of its laptops

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution.

Cybersecurity outfit ESET discovered a total of three buffer overflow vulnerabilities that can allow an attacker with local privileges to affected Lenovo devices to execute arbitrary code.

Lenovo says only one of the vulnerabilities (CVE-2022-1892) impacts every device, while the other two impact only a handful of laptops.

"The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," ESET explained.

"These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call," it said.

https://fudzilla.com/news/55150-leno...-vulnerability

15th July 2022, 08:38	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 153,575	Lenovo warns of UEFI/BIOS vulnerability On 70 of its laptops Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. Cybersecurity outfit ESET discovered a total of three buffer overflow vulnerabilities that can allow an attacker with local privileges to affected Lenovo devices to execute arbitrary code. Lenovo says only one of the vulnerabilities (CVE-2022-1892) impacts every device, while the other two impact only a handful of laptops. "The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," ESET explained. "These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call," it said. https://fudzilla.com/news/55150-leno...-vulnerability

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
AMD Releases BIOS for Radeon VII with UEFI GOP	Stefan Mileschin	WebNews	0	12th February 2019 09:30
How to Enable Intel VT-x in Your Computer’s BIOS or UEFI Firmware	Stefan Mileschin	WebNews	0	10th April 2015 11:25
How to Secure Your Computer With a BIOS or UEFI Password	Stefan Mileschin	WebNews	0	4th April 2014 07:34
What You Need to Know About Using UEFI Instead of the BIOS	Stefan Mileschin	WebNews	0	18th November 2013 13:43
Phoenix Technologies Launches EDK II Compatible UEFI BIOS	Stefan Mileschin	WebNews	0	29th November 2012 10:29
American Megatrends Introduces New Aptio V UEFI BIOS Firmware	Stefan Mileschin	WebNews	0	8th October 2012 08:49
ASRock UEFI BIOS Gets Web-Update Feature	Stefan Mileschin	WebNews	0	19th July 2012 08:43
GIGABYTE 3D BIOS With Dual UEFI BIOS	Stefan Mileschin	WebNews	0	9th November 2011 12:33
Know-How: UEFI - Only graphical BIOS or more? @ ocaholic	Stefan Mileschin	WebNews	0	20th October 2011 07:46
MSI's Click BIOS - Evaluating UEFI	jmke	WebNews	0	19th January 2009 16:57