NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:o:lenovo:yoga_slim_7_carbon_13iap7_firmware:-:*:*:*:*:*:*:*
CPE Name Search: true

There are 5 matching records.

Displaying matches 1 through 5.

Vuln ID	Summary	CVSS Severity
CVE-2022-3746	A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface. Published: August 23, 2023; 4:15:08 PM -0400	V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available)
CVE-2022-3745	A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI. Published: August 23, 2023; 4:15:08 PM -0400	V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available)
CVE-2022-3744	A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential. Published: August 23, 2023; 4:15:08 PM -0400	V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available)
CVE-2022-3743	A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands. Published: August 23, 2023; 4:15:08 PM -0400	V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available)
CVE-2022-3742	A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation. Published: August 23, 2023; 4:15:08 PM -0400	V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available)