Lenovo has released new BIOS versions for a number of its laptop models to fix three security flaws discovered by an ESET security researcher.
In April, Martin Smolár, a security researcher at ESET, discovered three security flaws in the BIOS of some Lenovo machines. They are tracked under the following references: CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432. This is not his first find in Lenovo firmware: the previous April he had already discovered another set of vulnerabilities, also in Lenovo devices and also at the firmware level. That earlier set was patched at the time, whereas the three covered in this article have only just been fixed by Lenovo.
The Lenovo Security Bulletin gives more detail on these three security flaws, in particular the list of affected devices.
– CVE-2022-3430: located in the WMI Setup driver, this vulnerability could allow an attacker with elevated privileges to modify the Secure Boot configuration by modifying an NVRAM variable.
– CVE-2022-3431: located in a driver used during the hardware manufacturing process, this vulnerability could allow an attacker with elevated privileges to modify the Secure Boot configuration by modifying an NVRAM variable.
– CVE-2022-3432: this vulnerability affects only the IdeaPad Y700-14ISK. Since that model is no longer supported, Lenovo will not provide a fix.
All three require elevated privileges on the machine, so they are not an initial entry point. The value for an attacker who already has that level of access lies in persistence: by altering the Secure Boot configuration from the firmware side, they could plant malware at boot level that Secure Boot is meant to block and that sits below the operating system's defences.
The list of affected devices is long. Among the models named by Lenovo are the IdeaPad 5 Pro, ThinkBook 13x, ThinkBook 14 G4, ThinkBook 15 G4, Yoga Slim 7 and IdeaPad Creator 5, among others. Check the bulletin on the Lenovo site for your exact model, bearing in mind that a device may be affected by one of the vulnerabilities but not the others.
BIOS updates are now available on the Lenovo site: get your updates!
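Once the update is applied, it is worth confirming from the operating system that Secure Boot is actually enabled and reading the firmware version string so it can be compared with the fixed version listed in Lenovo's bulletin. The script below is an added example written for this article; it is not code from the article, from ESET or from Lenovo. It assumes a Linux host booted in UEFI mode with efivarfs mounted at /sys/firmware/efi/efivars and SMBIOS data exposed under /sys/class/dmi/id; the variable name and GUID it reads are the standard SecureBoot variable from the UEFI specification.

```shell
#!/bin/sh
# Added example, not from the article or from Lenovo: after applying a BIOS update,
# verify from a Linux host that Secure Boot is still enabled and read the firmware
# version string for comparison with the fixed version in Lenovo's bulletin.
# Assumptions: UEFI boot with efivarfs mounted at /sys/firmware/efi/efivars, and
# SMBIOS data exposed under /sys/class/dmi/id. The variable name and GUID below are
# the standard "SecureBoot" variable defined by the UEFI specification.

SB_VAR=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
BIOS_VER_FILE=/sys/class/dmi/id/bios_version

# secure_boot_state FILE
# Prints "enabled", "disabled" or "unknown". An efivarfs file holds a 4-byte
# attribute word followed by the variable data; for SecureBoot the data is one
# byte: 1 = enforcing, 0 = disabled. Anything else is reported as unknown.
secure_boot_state() {
  f=$1
  if [ ! -r "$f" ]; then
    echo unknown
    return 0
  fi
  # Skip the 4 attribute bytes (-j4), read one byte (-N1) as unsigned decimal.
  b=$(od -An -tu1 -j4 -N1 "$f" | tr -d ' ')
  case "$b" in
    1) echo enabled ;;
    0) echo disabled ;;
    *) echo unknown ;;
  esac
}

# bios_version FILE
# Prints the BIOS version string reported through SMBIOS, or "unknown".
bios_version() {
  f=$1
  if [ -r "$f" ]; then
    tr -d '\n' < "$f"
  else
    echo unknown
  fi
}

# check_host SB_FILE BIOS_FILE
# Prints one summary line; exit status 0 only when Secure Boot is confirmed
# enabled, so the function can gate a fleet-wide compliance script.
check_host() {
  sb=$(secure_boot_state "$1")
  ver=$(bios_version "$2")
  echo "secure_boot=$sb bios_version=$ver"
  [ "$sb" = enabled ]
}

# Stand-alone run: report the live host. On a legacy-BIOS machine or inside a
# container the files are absent and both values print as "unknown".
check_host "$SB_VAR" "$BIOS_VER_FILE" || true
```

On Windows the equivalent checks are `Confirm-SecureBootUEFI` in PowerShell and `(Get-CimInstance Win32_BIOS).SMBIOSBIOSVersion` for the firmware version. Note the limit of this check: it reads the state the firmware reports and confirms that the update is in place and Secure Boot is on; it does not tell you whether the vulnerable driver was abused before the update was applied.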