First published: Wed Nov 08 2023(Updated: )
A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Ideapad Duet 3 10igl5 Firmware | <eqcn39ww | |
Lenovo Ideapad Duet 3 10igl5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-5075.
The severity of CVE-2023-5075 is medium.
The affected software is Lenovo Ideapad Duet 3 10igl5 Firmware.
A local attacker with elevated privileges can exploit CVE-2023-5075 by executing arbitrary code.
Yes, Lenovo Ideapad Duet 3 10igl5 is vulnerable to CVE-2023-5075.
To fix CVE-2023-5075, apply the latest firmware update provided by Lenovo.
More information about CVE-2023-5075 can be found on the Lenovo Product Security website.