high
7.8
CWE
787 119
Advisory Published
Updated

CVE-2022-48181: Buffer Overflow

First published: Mon Jun 05 2023(Updated: )

An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models could allow an attacker with local access to elevate their privileges and execute arbitrary code.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo Ideacentre C5-14IMB05<o4hkt3aa
Lenovo Ideacentre C5-14MB05 Firmware
Lenovo Ideacentre 3 07ACH7 Firmware<m4mkt12a
Lenovo Ideacentre 3 07ACH7 Firmware
Lenovo Ideacentre 3 07IAB7 Firmware<m49kt21a
Lenovo Ideacentre 3 07IAB7 Firmware
Lenovo Ideacentre 3-07ADA05 Firmware<o4fkt35a
Lenovo Ideacentre 3
Lenovo Ideacentre 3-07ADA05 Firmware<m4mkt12a
Lenovo Ideacentre 3-07IMB05 Firmware<m2vkt1ea
Lenovo Ideacentre 3-07IMB05 Firmware
Lenovo Ideacentre 5 14iab7 Firmware<m42kt42a
Lenovo Ideacentre 5 14iab7 firmware
Lenovo Ideacentre Gaming 5-14acn6 Firmware<o5ekt24a
Lenovo Ideacentre Gaming 5-14acn6 Firmware
Lenovo Ideacentre 5-14are05 Firmware<o4zkt2aa
Lenovo Ideacentre 5-14are05 Firmware
Lenovo Ideacentre 5-14IMB05 Firmware<o4hkt3aa
Lenovo ideacentre 5-14imb05 firmware
Lenovo Ideacentre Creator 5-14iob6 Firmware<m3gkt3aa
Lenovo Ideacentre Gaming 5-14iob6 Firmware
Lenovo Ideacentre AIO 3 21ITL7<o5akt33
Lenovo Ideacentre AIO 3 21ITL7 Firmware
Lenovo Ideacentre AIO 3 21ITL7<o5nkt32a
Lenovo Ideacentre AIO 3 22iap7 Firmware
Lenovo Ideacentre AIO 3 21ITL7<o5nkt32a
Lenovo Ideacentre AIO 3 24IAP7 Firmware
Lenovo Ideacentre AIO 3 27IAP7 Firmware<o5nkt32a
Lenovo Ideacentre AIO 3 27IAP7 Firmware
Lenovo ideacentre aio 3-27imb05<o5nkt32a
Lenovo ideacentre aio 3-22imb05 firmware
Lenovo Ideacentre AIO 3-22ITL6 Firmware<o5akt33
Lenovo Ideacentre AIO 3-22ITL6 Firmware
Lenovo Ideacentre AIO 3-24ALC6 Firmware<o5bkt25a
Lenovo Ideacentre AIO 3-24ALC6 Firmware
Lenovo Ideacentre AIO 3-24IMB05<o5nkt32a
Lenovo Ideacentre AIO 3-24IMB05
Lenovo ideacentre aio 3-24itl6<o5akt33
Lenovo Ideacentre AIO 3-24ITL6 Firmware
Lenovo Ideacentre AIO 3-27ALC6 Firmware<o5bkt25a
Lenovo Ideacentre AIO 3-27ALC6 Firmware
Lenovo ideacentre aio 3-27imb05<o5nkt32a
Lenovo Ideacentre AIO 3-27IMB05
Lenovo ideacentre aio 3-27itl6 firmware<o5akt33
Lenovo ideacentre aio 3-27itl6 firmware
Lenovo Ideacentre AIO 5 24IAH7<o5rkt39a
Lenovo Ideacentre AIO 5 24IAH7 Firmware
Lenovo Ideacentre AIO 5 27IAH7<o5rkt39a
Lenovo Ideacentre AIO 5 27IAH7
Lenovo Ideacentre Creator 5-14iob6 Firmware<m3gkt3aa
Lenovo Ideacentre Creator 5-14iob6 Firmware
Lenovo Ideacentre G5-14AMR05 firmware<o4zkt2aa
Lenovo ideacentre G5-14AMR05 firmware
Lenovo Ideacentre G5-14IMB05 Firmware<o4hkt3aa
Lenovo IdeaCentre G5-14AMR05 Firmware
Lenovo Ideacentre Gaming 5 17ACN7 Firmware<o5ekt24a
Lenovo Ideacentre Gaming 5 17acn7 Firmware
Lenovo Ideacentre Gaming 5 17iab7<m42kt42a
Lenovo Ideacentre Gaming 5 17IAB7
Lenovo Ideacentre Gaming 5-14acn6 Firmware<o5ekt24a
Lenovo Ideacentre Gaming 5-14acn6 Firmware
Lenovo Ideacentre Creator 5-14iob6<m3gkt3aa
Lenovo Ideacentre Gaming 5-14iob6 Firmware
Lenovo Ideacentre Mini 5<o53kt0ea
Lenovo Ideacentre Mini 5
Lenovo Ideacentre Mini 5-01imh05 Firmware<o4ekt19a
Lenovo Ideacentre Mini 5-01imh05 Firmware
Lenovo Legion C530-19ICB<o4bkt22a
Lenovo Legion C530-19ICB Firmware
Lenovo Legion R5-28IMB05<o4nkt1da
Lenovo Legion R5-28IMB05 Firmware
Lenovo Legion T5-26AMR5 Firmware<o4mkt2da
Lenovo Legion T5-26AMR5 Firmware
Lenovo Legion T5-26iob6 Firmware<o54kt22a
Lenovo Legion T5-26iob6 Firmware
Lenovo Legion T5-28ICB05 Firmware<o4bkt22a
Lenovo Legion T5-28ICB05 Firmware
Lenovo Legion T5-28IMB05<o4nkt1da
Lenovo Legion T5-28IMB05 Firmware
Lenovo Legion T530-28ICB<o4bkt22a
Lenovo Legion T530-28ICB Firmware
Lenovo Legion T7-34IAZ7 Firmware<o5hkt2aa
Lenovo Legion T7-34IAZ7 Firmware
Lenovo Legion T7-34IMZ5<o4lkt20a
Lenovo Legion T7-34IMZ5
Lenovo Legion T7-34IMZ5<o5fkt15a
Lenovo Legion T5 26IAB7 Firmware<o5lkt29a
Lenovo Legion T5 26IAB7 Firmware
Lenovo ThinkCentre M600 Firmware<m00kt68a
Lenovo ThinkCentre M600 Firmware
Lenovo ThinkCentre M60e Tiny<m3skt25a
Lenovo ThinkCentre M60e Tiny
Lenovo ThinkCentre M625q<m1wkt50a
Lenovo ThinkCentre M625q Firmware
Lenovo Thinkcentre M70c Firmware<m2vkt1ea
Lenovo Thinkcentre M70c Firmware
Lenovo Thinkcentre M70q Firmware<m2wkt59a
Lenovo Thinkcentre M70q Firmware
Lenovo Thinkcentre M70q Gen 2 Firmware<m3jkt37a
Lenovo Thinkcentre M70q Gen 2 Firmware
Lenovo Thinkcentre M70q Gen 3<m43kt1ba
Lenovo Thinkcentre M70q Firmware
Lenovo ThinkCentre M70s Firmware<m2tkt52a
Lenovo ThinkCentre M70s Gen 3
Lenovo ThinkCentre M70s Gen 3<m41kt3da
Lenovo ThinkCentre M70s
Lenovo Ideacentre M70t Firmware<m2tkt52a
Lenovo ThinkCentre M70t
Lenovo ThinkCentre M70t Gen 3 Firmware<m41kt3da
Lenovo Ideacentre M70t Gen 3 Firmware
Lenovo ThinkCentre M720e<m1zkt40a
Lenovo ThinkCentre M720e
Lenovo ThinkCentre M720q Firmware<m1ukt70a
Lenovo ThinkCentre M720q
Lenovo ThinkCentre M720s Firmware<m1ukt70a
Lenovo ThinkCentre M720s
Lenovo Ideacentre M720t Firmware<m1ukt70a
Lenovo ThinkCentre M720t
Lenovo ThinkCentre M725s Firmware<m25kt63a
Lenovo ThinkCentre M725s Firmware
Lenovo Thinkcentre M75n<m33kt27a
Lenovo Thinkcentre M75n
Lenovo Ideacentre M75s Gen 2 Firmware<m46kt30a
Lenovo Ideacentre M75s Gen 2 Firmware
Lenovo Ideacentre M75s Gen 2 Firmware<m3bkt2fa
Lenovo Ideacentre M75s Gen 2 Firmware<m3akt4ca
Lenovo Ideacentre M75s-1 Firmware<m2ckt4fa
Lenovo Ideacentre M75s-1 Firmware
Lenovo Ideacentre M75t Gen 2<m46kt30a
Lenovo Thinkcentre M75t Gen 2 Firmware
Lenovo Ideacentre M75t Gen 2<m3bkt2fa
Lenovo Ideacentre M75t Gen 2<m3akt4ca
Lenovo Ideacentre M80q<m2wkt59a
Lenovo Ideacentre M80q
Lenovo ThinkCentre M80q Gen 3 Firmware<m4gkt23a
Lenovo ThinkCentre M80q Gen 3
Lenovo Ideacentre M80s Firmware<m2tkt52a
Lenovo ThinkCentre M80s Gen 3
Lenovo ThinkCentre M80s Gen 3<m40kt3da
Lenovo ThinkCentre M80s Gen 3 Firmware
Lenovo ThinkCentre M80t Firmware<m2tkt52a
Lenovo ThinkCentre M80t Gen 3
Lenovo ThinkCentre M80t Firmware<m40kt3da
Lenovo Ideacentre M80t
Lenovo Thinkcentre M90a Gen 2 Firmware<m2rkt56a
Lenovo ThinkCentre M90a Tiny
Lenovo ThinkCentre M90a (Gen 2) Firmware<m3lkt28a
Lenovo Ideacentre M90a Gen 2 Firmware
Lenovo ThinkCentre M90a Gen 3 Firmware<m4ikt19a
Lenovo ThinkCentre M90a Gen 3 Firmware
Lenovo ThinkCentre M90a Pro Gen 3 Firmware<m4hkt19a
Lenovo ThinkCentre M90a Pro Gen 3 Firmware
Lenovo Ideacentre M90q Gen 2 Firmware<m3jkt37a
Lenovo Ideacentre M90q Gen 2 Firmware
Lenovo ThinkCentre M90q Gen 3 Firmware<m4gkt23a
Lenovo Ideacentre M90q Gen 3
Lenovo Ideacentre M90q Tiny Firmware<m2wkt59a
Lenovo ThinkCentre M90q Gen 3
Lenovo ThinkCentre M90s Firmware<m2tkt52a
Lenovo ThinkCentre M90s Gen 3
Lenovo ThinkCentre M90s Gen 3<m40kt3da
Lenovo ThinkCentre M90s Gen 3
Lenovo ThinkCentre M90t Firmware<m2tkt52a
Lenovo ThinkCentre M90t Gen 3
Lenovo ThinkCentre M90t Gen 3 Firmware<m40kt3da
Lenovo ThinkCentre M90t Gen 3 Firmware
Lenovo Ideacentre M920q Firmware<m1ukt70a
Lenovo ThinkCentre M920q
Lenovo ThinkCentre M920s Firmware<m1ukt70a
Lenovo ThinkCentre M920s Firmware
Lenovo Ideacentre M920t Firmware<m1ukt70a
Lenovo ThinkCentre M920t
Lenovo Ideacentre M920x Firmware<m1ukt70a
Lenovo Ideacentre M920x
Lenovo ThinkCentre M920z All-in-One Firmware<m1mkt55a
Lenovo ThinkCentre M920z All-in-One
Lenovo ThinkCentre Neo 30a 22 Gen 3<o5nkt32a
Lenovo ThinkCentre Neo 30a 22 Gen 3 Firmware
Lenovo ThinkCentre Neo 30a 24 Gen 3<o5nkt32a
Lenovo ThinkCentre Neo 30a 24 Gen 3
Lenovo ThinkCentre Neo 30A 27 Gen 3<o5nkt32a
Lenovo ThinkCentre Neo 30A 27 Gen 3
Lenovo Thinkcentre Neo 50s Gen 3 Firmware<m49kt21a
Lenovo Thinkcentre Neo 50s Gen 3 Firmware
Lenovo ThinkCentre Neo 50T Gen 3 Firmware<m42kt42a
Lenovo ThinkCentre Neo 50T Gen 3 Firmware
Lenovo ThinkCentre Neo 70T Gen 3 Firmware<m40kt3da
Lenovo ThinkCentre Neo 70T Gen 3 Firmware
Lenovo ThinkCentre T540-15AMA G Firmware<m2ckt4fa
Lenovo ThinkCentre T540-15AMA G Firmware
Lenovo ideacentre 510s-07icb<m22kt49a
Lenovo ideacentre 510s-07icb firmware
Lenovo ideacentre 510s-07ick<m30kt28a
Lenovo ideacentre 510s-07ick firmware
Lenovo ideacentre 510s-07ick<m1zkt40a
Lenovo ideacentre 720-18icb firmware<m25kt63a
Lenovo Ideacentre 720-18APR Firmware
Lenovo V30a-22ITL<o5akt33
Lenovo V30a-22ITL
Lenovo v30a-24itl<o5akt33
Lenovo v30a-24itl firmware
Lenovo V35s-07ADA<m4mkt12a
Lenovo V35s-07ada Firmware
Lenovo V50s-07imb<m2vkt1ea
Lenovo V50s-07imb
Lenovo V50t-13imb G2 Firmware<o4hkt3aa
Lenovo V50t-13imb G2 Firmware
Lenovo V50t-13iob G2<m3gkt3aa
Lenovo V50t-13iob
Lenovo V530s-07ICB<m22kt49a
Lenovo v530s-07icb firmware
Lenovo V530s-07ICB<m1zkt40a
Lenovo V530s-07ICB
Lenovo V55t Gen 2 13ACN<o5jkt23a
Lenovo V55t Gen 2 13ACN
Lenovo ThinkStation P320 Firmware<s06kt63a
Lenovo ThinkStation P320 Workstation
Lenovo ThinkStation P330 Tiny Workstation Firmware<m1ukt70a
Lenovo ThinkStation P330 Tiny
Lenovo ThinkStation P330s Firmware<m1vkt6fa
Lenovo Thinkstation P330 Workstation
Lenovo ThinkStation P330 Gen 2 Firmware<m1vkt6fa
Lenovo ThinkStation P330 Gen 2 Firmware
Lenovo ThinkStation P340t Firmware<m2wkt59a
Lenovo Thinkstation P340 Tiny Workstation
Lenovo Thinkstation P340 Tiny Workstation Firmware<s08kt53a
Lenovo ThinkStation P340s Firmware
Lenovo ThinkStation P350 Tiny Firmware<m3jkt37a
Lenovo Thinkstation P350 Tiny Workstation
Lenovo ThinkStation P350 Firmware<s0akt39a
Lenovo Thinkstation P350 Workstation
Lenovo Thinkstation P360 Tiny Firmware<m4gkt23a
Lenovo Thinkstation P360
Lenovo ThinkStation P360 Ultra Firmware<s0ekt40a
Lenovo ThinkStation P360 Tiny
Lenovo ThinkStation P360 Ultra Firmware<s0ekt43a

Remedy

Update system firmware to the version (or newer) indicated for your model in the related Lenovo product security advisory:  https://support.lenovo.com/us/en/product_security/LEN-124495 https://support.lenovo.com/us/en/product_security/LEN-124495

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-48181?

    The severity of CVE-2022-48181 is considered high due to the potential for local privilege escalation and arbitrary code execution.

  • How do I fix CVE-2022-48181?

    To fix CVE-2022-48181, update the BIOS firmware of the affected Lenovo devices to the latest version provided by Lenovo.

  • What are the affected models for CVE-2022-48181?

    CVE-2022-48181 affects several Lenovo Ideacentre and ThinkCentre models, including specific versions of the Ideacentre C5-14IMB05 and Ideacentre 3.

  • Can CVE-2022-48181 be exploited remotely?

    No, CVE-2022-48181 requires local access to the system to exploit the vulnerability.

  • Is there a public exploit for CVE-2022-48181?

    As of now, no public exploits for CVE-2022-48181 have been reported.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203