Severity: 7.2
CWE: 20, 269

CVE-2022-1107: Input Validation

First published: Fri Apr 22 2022

During an internal product security audit, a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models. It could be exploited by an attacker with elevated privileges and could allow for execution of code.

Credit: psirt@lenovo.com

| Affected Software | Affected Version | How to fix |
| --- | --- | --- |
| Lenovo ThinkPad 11e YOGA firmware | < n15et78w | |
| Lenovo ThinkPad 11e Chromebook | | |
| Lenovo ThinkPad Helix firmware | < n17eta8w | |
| Lenovo ThinkPad Helix firmware | | |
| Lenovo ThinkPad L560 Firmware | < n1het85w | |
| Lenovo ThinkPad L560 Firmware | | |
| Lenovo ThinkPad L570 Firmware | < n1xet65w | |
| Lenovo ThinkPad L570 Firmware | | |
| Lenovo ThinkPad P50s Firmware | < n1ket46w | |
| Lenovo ThinkPad P50s BIOS | | |
| Lenovo ThinkPad P51s (20HX) Firmware | < n1vet50w | |
| Lenovo ThinkPad P51s Firmware | | |
| Lenovo ThinkPad P52s Firmware | < n27et36w | |
| Lenovo ThinkPad P52s Firmware | | |
| Lenovo ThinkPad S540 Firmware | < gpet80ww | |
| Lenovo ThinkPad S540 BIOS | | |
| Lenovo ThinkPad T550 Firmware | < n11et50w | |
| Lenovo ThinkPad T550 | | |
| Lenovo ThinkPad T560 Firmware | < n1ket46w | |
| Lenovo ThinkPad T560 Firmware | | |
| Lenovo ThinkPad T570 Firmware | < n1vet50w | |
| Lenovo ThinkPad T570 (20HX) Firmware | | |
| Lenovo ThinkPad T580 Firmware | < n27et36w | |
| Lenovo ThinkPad T580 | | |
| Lenovo ThinkPad X1 Tablet BIOS | < n1let86w | |
| Lenovo ThinkPad X1 Tablet Gen 1 Firmware | | |
| Lenovo ThinkPad X1 Tablet Gen 2 Firmware | < n1oet50w | |
| Lenovo ThinkPad X1 Tablet Gen 2 | | |
| Lenovo ThinkPad W540 | < gnet92ww | |
| Lenovo ThinkPad W540 Firmware | | |
| Lenovo ThinkPad W541 Firmware | < gnet92ww | |
| Lenovo ThinkPad W541 Firmware | | |
| Lenovo ThinkPad W550s firmware | < n11et50w | |
| Lenovo ThinkPad W550s firmware | | |
| Lenovo ThinkPad X1 Carbon 3rd Gen | < n14et52w | |
| Lenovo ThinkPad X1 Carbon 3rd Gen | | |
| Lenovo ThinkPad X1 Carbon 4th Gen Firmware | < n1fet70w | |
| Lenovo ThinkPad X1 Carbon (4th Gen) | | |
| Lenovo ThinkPad X1 Carbon 5th Gen Firmware | < n1met55w | |
| Lenovo ThinkPad x1 carbon 5th gen kabylake firmware | | |
| Lenovo ThinkPad X1 Carbon 5th Gen | < n1met55w | |
| Lenovo ThinkPad X1 Carbon 5th Gen | | |
| Lenovo ThinkPad X1 Yoga (20SX) Firmware | < n1fet70w | |
| Lenovo ThinkPad X1 Yoga | | |
| Lenovo ThinkPad X1 Yoga Gen 2 Firmware | < n1net47w | |
| Lenovo ThinkPad X1 Yoga Gen 2 Firmware | | |
| Lenovo ThinkPad X1 Yoga 3rd Gen Firmware | < n25et50w | |
| Lenovo ThinkPad X1 Yoga | | |
| Lenovo ThinkPad x250 firmware | < n10et58w | |
| Lenovo ThinkPad x250 firmware | | |
| Lenovo ThinkPad X280 Firmware | < n20et44w | |
| Lenovo ThinkPad X280 Firmware | | |
| Lenovo ThinkPad X390 Firmware | < n2let60w | |
| Lenovo ThinkPad X390 Yoga | | |
| Lenovo ThinkPad 11e YOGA | < n15et78w | |
| Lenovo ThinkPad Yoga 11e Firmware | | |
| Lenovo ThinkPad Yoga 15 Firmware | < n19et61w | |
| Lenovo ThinkPad Yoga 15 Firmware | | |
| Lenovo ThinkPad Yoga 260 S1 Firmware | < n1get98w | |
| Lenovo ThinkPad Yoga 260 Firmware | | |

Remedy

Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-84943.


Frequently Asked Questions

  • What is the severity of CVE-2022-1107?

    CVE-2022-1107 has a high severity rating as it may allow an attacker with elevated privileges to execute code.

  • How do I fix CVE-2022-1107?

    To fix CVE-2022-1107, update the firmware of affected Lenovo ThinkPad models to the latest version available.

  • Which Lenovo ThinkPad models are affected by CVE-2022-1107?

    CVE-2022-1107 affects multiple Lenovo ThinkPad models including the 11e, Helix, P50s, P51s, and several others.

  • Can CVE-2022-1107 be exploited remotely?

    No, CVE-2022-1107 requires an attacker to have elevated privileges on the device for exploitation.

  • What type of vulnerability is CVE-2022-1107?

    CVE-2022-1107 is a firmware vulnerability related to the use of Boot Services in the SmmOEMInt15 SMI handler.
