First published: Thu Aug 17 2023(Updated: )
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
Credit: psirt@lenovo.com psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Legion 5 Pro 16iah7h Firmware | <j2cn51ww | |
Lenovo Legion 5 Pro 16iah7h | ||
Lenovo Legion 5 Pro 16iah7 Firmware | <j2cn51ww | |
Lenovo Legion 5 Pro 16iah7 | ||
Lenovo Legion 5 Pro 16arh7 Firmware | ||
Lenovo Legion 5 Pro 16arh7 | ||
Lenovo Legion 5 Pro 16arh7h Firmware | ||
Lenovo Legion 5 Pro 16arh7h | ||
Lenovo Legion 5 15arh7 Firmware | ||
Lenovo Legion 5 15arh7 | ||
Lenovo Legion 5 15arh7h Firmware | ||
Lenovo Legion 5 15arh7h | ||
Lenovo Legion 5 15iah7h Firmware | <j2cn51ww | |
Lenovo Legion 5 15iah7h | ||
Lenovo Legion 5 15iah7 Firmware | <j2cn51ww | |
Lenovo Legion 5 15iah7 | ||
Lenovo Legion 5 Pro-16ach6 Firmware | ||
Lenovo Legion 5 Pro-16ach6 | ||
Lenovo Legion 5 Pro-16ach6h Firmware | ||
Lenovo Legion 5 Pro-16ach6h | ||
Lenovo Legion 5 Pro-16ith6 Firmware | ||
Lenovo Legion 5 Pro-16ith6 | ||
Lenovo Legion 5 Pro-16ith6h Firmware | ||
Lenovo Legion 5 Pro-16ith6h | ||
Lenovo Legion 5-15ach6 Firmware | ||
Lenovo Legion 5-15ach6 | ||
Lenovo Legion 5-15ach6a Firmware | ||
Lenovo Legion 5-15ach6a | ||
Lenovo Legion 5-15ach6h Firmware | ||
Lenovo Legion 5-15ach6h | ||
Lenovo Legion 5-15ith6 Firmware | ||
Lenovo Legion 5-15ith6 | ||
Lenovo Legion 5-15ith6h Firmware | ||
Lenovo Legion 5-15ith6h | ||
Lenovo Legion 5-17ach6 Firmware | ||
Lenovo Legion 5-17ach6 | ||
Lenovo Legion 5-17ach6h Firmware | ||
Lenovo Legion 5-17ach6h | ||
Lenovo Legion 5-17ith6 Firmware | ||
Lenovo Legion 5-17ith6 | ||
Lenovo Legion 5-17ith6h Firmware | ||
Lenovo Legion 5-17ith6h | ||
Lenovo Legion 7-16arha7 Firmware | ||
Lenovo Legion 7-16arha7 | ||
Lenovo Legion 7-16achg6 Firmware | ||
Lenovo Legion 7-16achg6 | ||
Lenovo Legion 7-16ithg6 Firmware | ||
Lenovo Legion 7-16ithg6 | ||
Lenovo Legion Pro 5 16irx8 Firmware | <kwcn37ww | |
Lenovo Legion Pro 5 16irx8 | ||
Lenovo Legion Pro 7 16irx8 Firmware | <kwcn37ww | |
Lenovo Legion Pro 7 16irx8 | ||
Lenovo Legion Pro 7 16irx8h Firmware | <kwcn37ww | |
Lenovo Legion Pro 7 16irx8h | ||
Lenovo Legion S7 16arha7 Firmware | ||
Lenovo Legion S7 16arha7 | ||
Lenovo Thinkbook 16p G3 Arh Firmware | ||
Lenovo Thinkbook 16p G3 Arh | ||
Lenovo Thinkbook 15p G2 Ith Firmware | ||
Lenovo Thinkbook 15p G2 Ith |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-34419 is a buffer overflow vulnerability in the SetupUtility driver in some Lenovo Notebook products.
CVE-2023-34419 affects Lenovo Legion 5 Pro 16iah7h firmware versions up to j2cn51ww.
Yes, Lenovo Legion 5 Pro 16iah7h firmware versions up to j2cn51ww are vulnerable to CVE-2023-34419.
CVE-2023-34419 has a severity rating of 6.7 (medium severity).
To fix CVE-2023-34419, it is recommended to update your Lenovo Legion 5 Pro 16iah7h firmware to a version beyond j2cn51ww.