{ "id": "CVE-2023-4030", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-08-17T17:15:10.403", "lastModified": "2023-08-24T20:29:39.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt." }, { "lang": "es", "value": "Se ha reportado una vulnerabilidad en BIOS en ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, y T15 Gen 2 que podr\u00eda hacer que el sistema se recupere en configuraciones inseguras si el BIOS se corrompe." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 }, { "source": "psirt@lenovo.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH" }, "exploitabilityScore": 2.5, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "psirt@lenovo.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-636" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:thinkpad_t15_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "44ECDB6C-F7B1-46AD-A0D3-41C5BDC3A6A6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:thinkpad_t15_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF9FB9A3-B1B5-42FF-9B07-0245E54237E3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68E8C048-B2DE-4167-ABDA-D8B429699A98" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE970F53-856F-4DFF-B845-A8C5A8B14C90" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:thinkpad_p15s_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2764465A-3477-4ABB-98B0-CD356CA35A0F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:thinkpad_p15s_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4AE8F28-A87C-4F62-951D-92EE9952E4B1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC7DE47A-4C00-4BE8-ABA5-294B9BAD5F41" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD6A601D-0427-453F-B4A8-4EB9C18A58C6" } ] } ] } ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-134879", "source": "psirt@lenovo.com", "tags": [ "Vendor Advisory" ] } ] }