CWE
120
Advisory Published
Updated

CVE-2022-3742

First published: Wed Aug 23 2023(Updated: )

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.

Credit: psirt@lenovo.com psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo Ideapad 1 14iau7 Firmware<jkcn34ww
Lenovo Ideapad 1 14iau7
Lenovo Ideapad 1 14igl7 Firmware<kkcn15ww
Lenovo Ideapad 1 14igl7
Lenovo Ideapad 1 15iau7 Firmware<jkcn34ww
Lenovo Ideapad 1 15iau7
Lenovo Ideapad 1 15igl7 Firmware<kkcn15ww
Lenovo Ideapad 1 15igl7
Lenovo Ideapad 1-14ijl7 Firmware<htcn31ww
Lenovo Ideapad 1-14ijl7
Lenovo Ideapad 1-15ijl7 Firmware<htcn31ww
Lenovo Ideapad 1-15ijl7
Lenovo Ideapad 3 14iau7 Firmware<jkcn34ww
Lenovo Ideapad 3 14iau7
Lenovo Ideapad 3 15iau7 Firmware<jkcn34ww
Lenovo Ideapad 3 15iau7
Lenovo Ideapad 3 17iau7 Firmware<jkcn34ww
Lenovo Ideapad 3 17iau7
Lenovo Ideapad 3-15igl05 Firmware<dvcn28ww
Lenovo Ideapad 3-15igl05
Lenovo Ideapad 3-17iil05 Firmware<emcn56ww
Lenovo Ideapad 3-17iil05
Lenovo Ideapad 3-17itl6 Firmware<ggcn51ww
Lenovo Ideapad 3-17itl6
Lenovo Ideapad 5 15ial7 Firmware<jbcn27ww
Lenovo Ideapad 5 15ial7
Lenovo Ideapad 5-15itl05 Firmware<fhcn70ww
Lenovo Ideapad 5-15itl05
Lenovo L3-15iml05 Firmware<ejcn30ww
Lenovo L3-15iml05
Lenovo L3-15itl6 Firmware<gfcn29ww
Lenovo L3-15itl6
Lenovo Legion 5 15iah7 Firmware<j2cn49ww
Lenovo Legion 5 15iah7
Lenovo Legion 5 15iah7h Firmware<j2cn49ww
Lenovo Legion 5 15iah7h
Lenovo Legion 5 Pro 16iah7 Firmware<j2cn49ww
Lenovo Legion 5 Pro 16iah7
Lenovo Legion 5 Pro 16iah7h Firmware<j2cn49ww
Lenovo Legion 5 Pro 16iah7h
Lenovo Legion 5 Pro-16ith6 Firmware<h1cn52ww
Lenovo Legion 5 Pro-16ith6
Lenovo Legion 5 Pro-16ith6h Firmware<h1cn52ww
Lenovo Legion 5 Pro-16ith6h
Lenovo Legion 5-15imh05 Firmware<efcn58ww
Lenovo Legion 5-15imh05
Lenovo Legion 5-15imh05h Firmware<efcn58ww
Lenovo Legion 5-15imh05h
Lenovo Legion 5-15imh6 Firmware<g8cn22ww
Lenovo Legion 5-15imh6
Lenovo Legion 5-15ith6 Firmware<h1cn52ww
Lenovo Legion 5-15ith6
Lenovo Legion 5-15ith6h Firmware<h1cn52ww
Lenovo Legion 5-15ith6h
Lenovo Legion 5-17imh05 Firmware<efcn58ww
Lenovo Legion 5-17imh05
Lenovo Legion 5-17imh05h Firmware<efcn58ww
Lenovo Legion 5-17imh05h
Lenovo Legion 5-17ith6 Firmware<h1cn52ww
Lenovo Legion 5-17ith6
Lenovo Legion 5-17ith6h Firmware<h1cn52ww
Lenovo Legion 5-17ith6h
Lenovo Legion 5p-15imh05 Firmware<efcn58ww
Lenovo Legion 5p-15imh05
Lenovo Legion 5p-15imh05h Firmware<efcn58ww
Lenovo Legion 5p-15imh05h
Lenovo Legion 7 16iax7 Firmware<k1cn40ww
Lenovo Legion 7 16iax7
Lenovo Legion 7-16ithg6 Firmware<h1cn52ww
Lenovo Legion 7-16ithg6
Lenovo S14 G2 Itl Firmware<ggcn51ww
Lenovo S14 G2 Itl
Lenovo S14 G3 Iap Firmware<jkcn34ww
Lenovo S14 G3 Iap
Lenovo Slim 7 14iap7 Firmware<jhcn28ww
Lenovo Slim 7 14iap7
Lenovo Slim 7 Carbon 13iap7 Firmware<k2cn34ww
Lenovo Slim 7 Carbon 13iap7
Lenovo Slim 7 Prox 14iah7 Firmware<hmcn41ww
Lenovo Slim 7 Prox 14iah7
Lenovo Slim 9 14iap7 Firmware<j3cn49ww
Lenovo Slim 9 14iap7
Lenovo Thinkbook 15p Imh Firmware<f6cn26ww
Lenovo Thinkbook 15p Imh
Lenovo V14 G2 Ijl Firmware<htcn31ww
Lenovo V14 G2 Ijl
Lenovo V14 G3 Iap Firmware<jkcn34ww
Lenovo V14 G3 Iap
Lenovo V15 G2 Ijl Firmware<htcn31ww
Lenovo V15 G2 Ijl
Lenovo V15 G3 Iap Firmware<jkcn34ww
Lenovo V15 G3 Iap
Lenovo V17 G3 Iap Firmware<jkcn34ww
Lenovo V17 G3 Iap
Lenovo S540-13itl Firmware<fzcn26ww
Lenovo S540-13itl
Lenovo Slim 7 Pro-14ihu5 Firmware<fjcn74ww
Lenovo Slim 7 Pro-14ihu5
Lenovo Slim 9-14itl05 Firmware<escn56ww
Lenovo Slim 9-14itl05
Lenovo Thinkbook 15p G2 Ith Firmware<hjcn32ww
Lenovo Thinkbook 15p G2 Ith
Lenovo V14 G1-iml Firmware<dxcn44ww
Lenovo V14 G1-iml
Lenovo V14 G2-itl Firmware<ggcn51ww
Lenovo V14 G2-itl
Lenovo V14-igl Firmware<dvcn28ww
Lenovo V14-igl
Lenovo V15 G1-iml Firmware<dxcn44ww
Lenovo V15 G1-iml
Lenovo V15 G2-itl Firmware<ggcn51ww
Lenovo V15 G2-itl
Lenovo V15-igl Firmware<dvcn28ww
Lenovo V15-igl
Lenovo V17 G2-itl Firmware<ggcn51ww
Lenovo V17 G2-itl
Lenovo V17-iil Firmware<emcn56ww
Lenovo V17-iil
Lenovo Yoga 7 14ial7 Firmware<j1cn35ww
Lenovo Yoga 7 14ial7
Lenovo Yoga 7 16iah7 Firmware<j1cn35ww
Lenovo Yoga 7 16iah7
Lenovo Yoga 7 16iap7 Firmware<j1cn35ww
Lenovo Yoga 7 16iap7
Lenovo Yoga 7-14itl5 Firmware<f5cn59ww
Lenovo Yoga 7-14itl5
Lenovo Yoga 7-15itl5 Firmware<f5cn59ww
Lenovo Yoga 7-15itl5
Lenovo Yoga 9 14iap7 Firmware<hncn42ww
Lenovo Yoga 9 14iap7
Lenovo Yoga Slim 7 Carbon 13iap7 Firmware<k2cn34ww
Lenovo Yoga Slim 7 Carbon 13iap7
Lenovo Yoga Slim 7 Pro 14iah7 Firmware<krcn14ww
Lenovo Yoga Slim 7 Pro 14iah7
Lenovo Yoga Slim 7 Pro 14iap7 Firmware<jhcn28ww
Lenovo Yoga Slim 7 Pro 14iap7
Lenovo Yoga Slim 7 Pro-14ihu5 Firmware<fjcn74ww
Lenovo Yoga Slim 7 Pro-14ihu5
Lenovo Yoga Slim 7 Pro-14ihu5 O Firmware<fjcn74ww
Lenovo Yoga Slim 7 Pro-14ihu5 O
Lenovo Yoga Slim 7 Pro-14itl5 Firmware<fjcn74ww
Lenovo Yoga Slim 7 Pro-14itl5
Lenovo Yoga Slim 7 Prox 14iah7 Firmware<hmcn41ww
Lenovo Yoga Slim 7 Prox 14iah7
Lenovo Yoga Slim 9 14iap7 Firmware<j3cn49ww
Lenovo Yoga Slim 9 14iap7
Lenovo Yoga Slim 9-14itl05 Firmware<escn56ww
Lenovo Yoga Slim 9-14itl05
Lenovo Ideapad 3-14igl05 Firmware<dvcn28ww
Lenovo Ideapad 3-14igl05
Lenovo Ideapad 3-14iil05 Firmware<emcn56ww
Lenovo Ideapad 3-14iil05
Lenovo Ideapad 3-14iml05 Firmware<dxcn44ww
Lenovo Ideapad 3-14iml05
Lenovo Ideapad 3-14itl05 Firmware<gccn32ww
Lenovo Ideapad 3-14itl05
Lenovo Ideapad 3-14itl6 Firmware<ggcn51ww
Lenovo Ideapad 3-14itl6
Lenovo Ideapad 3-15iil05 Firmware<emcn56ww
Lenovo Ideapad 3-15iil05
Lenovo Ideapad 3-15iml05 Firmware<dxcn44ww
Lenovo Ideapad 3-15iml05
Lenovo Ideapad 3-15itl05 Firmware<gccn32ww
Lenovo Ideapad 3-15itl05
Lenovo Ideapad 3-15itl6 Firmware<ggcn51ww
Lenovo Ideapad 3-15itl6
Lenovo Ideapad 3-17iml05 Firmware<dxcn44ww
Lenovo Ideapad 3-17iml05
Lenovo Ideapad 5-15iil05 Firmware<dpcn58ww
Lenovo Ideapad 5-15iil05
Lenovo Ideapad Creator 5-15imh05 Firmware<egcn40ww
Lenovo Ideapad Creator 5-15imh05
Lenovo Ideapad Gaming 3-15imh05 Firmware<egcn40ww
Lenovo Ideapad Gaming 3-15imh05

Remedy

Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-103710.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203