7.2
CWE
787 121 119
Advisory Published
Updated

CVE-2022-34884: Buffer Overflow

First published: Mon Jan 30 2023(Updated: )

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo Thinkagile Vx3331 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx3331
Lenovo Thinkagile Hx Enclosure Certified Node Firmware<5.20_tei3c8m
Lenovo Thinkagile Hx Enclosure Certified Node
Lenovo Thinkagile Hx1021 Firmware<3.60_tei386m
Lenovo Thinkagile Hx1021
Lenovo Thinkagile Hx1320 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx1320
Lenovo Thinkagile Hx1321 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx1321
Lenovo Thinkagile Hx1520-r Firmware<8.40-cdi394n
Lenovo Thinkagile Hx1520-r
Lenovo Thinkagile Hx1521-r Firmware<8.40-cdi394n
Lenovo Thinkagile Hx1521-r
Lenovo Thinkagile Hx2320-e Firmware<8.40-cdi394n
Lenovo Thinkagile Hx2320-e
Lenovo Thinkagile Hx2321 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx2321
Lenovo Thinkagile Hx2720-e Firmware<5.20_tei3c8m
Lenovo Thinkagile Hx2720-e
Lenovo Thinkagile Hx3320 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx3320
Lenovo Thinkagile Hx3321 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx3321
Lenovo Thinkagile Hx3375 Firmware<4.10_d8bt38l
Lenovo Thinkagile Hx3375
Lenovo Thinkagile Hx3376 Firmware<4.10_d8bt38l
Lenovo Thinkagile Hx3376
Lenovo Thinkagile Hx3520-g Firmware<8.40-cdi394n
Lenovo Thinkagile Hx3520-g
Lenovo Thinkagile Hx3521-g Firmware<8.40-cdi394n
Lenovo Thinkagile Hx3521-g
Lenovo Thinkagile Hx3720 Firmware<5.20_tei3c8m
Lenovo Thinkagile Hx3720
Lenovo Thinkagile Hx3721 Firmware<5.20_tei3c8m
Lenovo Thinkagile Hx3721
Lenovo Thinkagile Hx5520 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx5520
Lenovo Thinkagile Hx5520-c Firmware<8.40-cdi394n
Lenovo Thinkagile Hx5520-c
Lenovo Thinkagile Hx5521 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx5521
Lenovo Thinkagile Hx5521-c Firmware<8.40-cdi394n
Lenovo Thinkagile Hx5521-c
Lenovo Thinkagile Hx7520 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx7520
Lenovo Thinkagile Hx7521 Firmware<8.40-cdi394n
Lenovo Thinkagile Hx7521
Lenovo Thinkagile Hx7820 Firmware<2.50_psi346l
Lenovo Thinkagile Hx7820
Lenovo Thinkagile Hx7821 Firmware<2.50_psi346l
Lenovo Thinkagile Hx7821
Lenovo Thinkagile Mx1020 Firmware<=3.60_tei386m
Lenovo Thinkagile Mx1020
Lenovo Thinkagile Mx3330-f Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3330-f
Lenovo Thinkagile Mx3330-h Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3330-h
Lenovo Thinkagile Mx3331-f Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3331-f
Lenovo Thinkagile Mx3331-h Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3331-h
Lenovo Thinkagile Mx3530 F Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3530 F
Lenovo Thinkagile Mx3530-h Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3530-h
Lenovo Thinkagile Mx3531-f Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3531-f
Lenovo Thinkagile Mx3531 H Firmware<1.80_afbt20n
Lenovo Thinkagile Mx3531 H
Lenovo Thinkagile Mx1021 Firmware<3.60_tei386m
Lenovo Thinkagile Mx1021
Lenovo Thinkagile Vx 1se Certified Node Firmware<5.20_tei3c8m
Lenovo Thinkagile Vx 1se Certified Node
Lenovo Thinkagile Vx 2u4n Firmware<5.20_tei3c8m
Lenovo Thinkagile Vx 2u4n
Lenovo Thinkagile Vx 4u Firmware<2.50_psi346l
Lenovo Thinkagile Vx 4u
Lenovo Thinkagile Vx1320 Firmware<5.20_tei3c8m
Lenovo Thinkagile Vx1320
Lenovo Thinkagile Vx2320 Firmware<8.40-cdi394n
Lenovo Thinkagile Vx2320
Lenovo Thinkagile Vx2330 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx2330
Lenovo Thinkagile Vx3320 Firmware<8.40-cdi394n
Lenovo Thinkagile Vx3320
Lenovo Thinkagile Vx3330 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx3330
Lenovo Thinkagile Vx3520-g Firmware<8.40-cdi394n
Lenovo Thinkagile Vx3520-g
Lenovo Thinkagile Vx3530-g Firmware<1.80_afbt20n
Lenovo Thinkagile Vx3530-g
Lenovo Thinkagile Vx3720 Firmware<5.20_tei3c8m
Lenovo Thinkagile Vx3720
Lenovo Thinkagile Vx5520 Firmware<8.40-cdi394n
Lenovo Thinkagile Vx5520
Lenovo Thinkagile Vx5530 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx5530
Lenovo Thinkagile Vx7320 N Firmware<8.40-cdi394n
Lenovo Thinkagile Vx7320 N
Lenovo Thinkagile Vx7330 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx7330
Lenovo Thinkagile Vx7520 Firmware<8.40-cdi394n
Lenovo Thinkagile Vx7520
Lenovo Thinkagile Vx7520 N Firmware<8.40-cdi394n
Lenovo Thinkagile Vx7520 N
Lenovo Thinkagile Vx7530 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx7530
Lenovo Thinkagile Vx7531 Firmware<1.80_afbt20n
Lenovo Thinkagile Vx7531
Lenovo Thinkagile Vx7820 Firmware<2.50_psi346l
Lenovo Thinkagile Vx7820
Lenovo Thinkedge Se450 Firmware<1.10_usx304w
Lenovo Thinkedge Se450
Lenovo Thinkstation P920 Firmware<8.40-cdi394n
Lenovo Thinkstation P920
Lenovo Thinksystem Sd530 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sd530
Lenovo Thinksystem Sd630 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sd630 V2
Lenovo Thinksystem Sd650 Dwc Firmware<5.20_tei3c8m
Lenovo Thinksystem Sd650 Dwc
Lenovo Thinksystem Sd650 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sd650 V2
Lenovo Thinksystem Sd650-n V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sd650-n V2
Lenovo Thinksystem Se350 Firmware<3.60_tei386m
Lenovo Thinksystem Se350
Lenovo Thinksystem Sn550 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sn550
Lenovo Thinksystem Sn550 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sn550 V2
Lenovo Thinksystem Sn850 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sn850
Lenovo Thinksystem Sr150 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr150
Lenovo Thinksystem Sr158 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr158
Lenovo Thinksystem Sr250 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr250
Lenovo Thinksystem Sr250 V2 Firmware<1.96_tgbt34x
Lenovo Thinksystem Sr250 V2
Lenovo Thinksystem Sr258 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr258
Lenovo Thinksystem Sr258 V2 Firmware<1.96_tgbt34x
Lenovo Thinksystem Sr258 V2
Lenovo Thinksystem Sr530 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr530
Lenovo Thinksystem Sr550 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr550
Lenovo Thinksystem Sr570 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr570
Lenovo Thinksystem Sr590 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr590
Lenovo Thinksystem Sr630 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr630
Lenovo Thinksystem Sr630 V2 Firmware<1.80_afbt20n
Lenovo Thinksystem Sr630 V2
Lenovo Thinksystem Sr645 Firmware<4.10_d8bt38l
Lenovo Thinksystem Sr645
Lenovo Thinksystem Sr650 Firmware<8.40-cdi394n
Lenovo Thinksystem Sr650
Lenovo Thinksystem Sr650 V2 Firmware<1.80_afbt20n
Lenovo Thinksystem Sr650 V2
Lenovo Thinksystem Sr665 Firmware<4.10_d8bt38l
Lenovo Thinksystem Sr665
Lenovo Thinksystem Sr670 Firmware<3.60_tei386m
Lenovo Thinksystem Sr670
Lenovo Thinksystem Sr670 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sr670 V2
Lenovo Thinksystem Sr850 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr850
Lenovo Thinksystem Sr850 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sr850 V2
Lenovo Thinksystem Sr850p Firmware<3.60_tei386m
Lenovo Thinksystem Sr850p
Lenovo Thinksystem Sr860 Firmware<5.20_tei3c8m
Lenovo Thinksystem Sr860
Lenovo Thinksystem Sr860 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem Sr860 V2
Lenovo Thinksystem Sr950 Firmware<2.50_psi346l
Lenovo Thinksystem Sr950
Lenovo Thinksystem St250 Firmware<5.20_tei3c8m
Lenovo Thinksystem St250
Lenovo Thinksystem St250 V2 Firmware<1.96_tgbt34x
Lenovo Thinksystem St250 V2
Lenovo Thinksystem St258 Firmware<5.20_tei3c8m
Lenovo Thinksystem St258
Lenovo Thinksystem St258 V2 Firmware<1.96_tgbt34x
Lenovo Thinksystem St258 V2
Lenovo Thinksystem St550 Firmware<8.40-cdi394n
Lenovo Thinksystem St550
Lenovo Thinksystem St650 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem St650 V2
Lenovo Thinksystem St658 V2 Firmware<2.00_tgbt36o
Lenovo Thinksystem St658 V2

Remedy

Update to the Lenovo XClarity Controller (XCC) version (or higher) as recommended in the Product Impact section in LEN-87734.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203