[MART] - Daily Diary #551 - New Vulnerabilities Impact Lenovo Laptops

[CTAS-MAT]

Hello,

I hope everyone is doing well!

Below is the entry for today.

07/13/2022 - Diary entry #551:

This week, three new Buffer Overflow vulnerabilities were disclosed in the UEFI (Unified Extensible Firmware Interface) used in several laptop models made by Lenovo.

Tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, they received a medium score of severity which may allow an attacker with local privileges to execute arbitrary code. The first is a flaw in the ReadyBootDxe driver used in some Lenovo notebook products, and the others in the SystemLoadDefaultDxe and SystemBootManagerDxe drivers used in many Lenovo models, affecting 70 individual models.

The flaws come from an insufficient validation of an NVRAM variable called DataSize, leading to executing arbitrary code during the platform boot. By exploiting them, attackers can manipulate the OS execution flow and disable security features.

To protect against an attack exploiting those vulnerabilities, we recommend users of impacted devices to update their firmware to the latest version.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220713/fb31a224/attachment.htm>