🛡️ CVE-2022-3745
🟡 CVSS 4.4 — Medium ✅ No Known Exploit CWE-200 NVD
4.4
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.

Details

Severity MEDIUM
CVSS Score 4.4
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE CWE-200
Public Exploit ✅ No
Source NVD
Published 2023-08-23
Updated 2026-06-08
Modified 2024-11-21
Fix URL N/A

Affected Packages

Software From version Fixed in
ideapad-1-14iau7-firmware jkcn34ww
ideapad-1-14igl7-firmware kkcn15ww
ideapad-1-14ijl7-firmware htcn31ww
ideapad-1-15iau7-firmware jkcn34ww
ideapad-1-15igl7-firmware kkcn15ww
ideapad-1-15ijl7-firmware htcn31ww
ideapad-3-14iau7-firmware jkcn34ww
ideapad-3-14igl05-firmware dvcn28ww
ideapad-3-14iil05-firmware emcn56ww
ideapad-3-14iml05-firmware dxcn44ww
ideapad-3-14itl05-firmware gccn32ww
ideapad-3-14itl6-firmware ggcn51ww
ideapad-3-15iau7-firmware jkcn34ww
ideapad-3-15igl05-firmware dvcn28ww
ideapad-3-15iil05-firmware emcn56ww
ideapad-3-15iml05-firmware dxcn44ww
ideapad-3-15itl05-firmware gccn32ww
ideapad-3-15itl6-firmware ggcn51ww
ideapad-3-17iau7-firmware jkcn34ww
ideapad-3-17iil05-firmware emcn56ww
ideapad-3-17iml05-firmware dxcn44ww
ideapad-3-17itl6-firmware ggcn51ww
ideapad-5-15ial7-firmware jbcn27ww
ideapad-5-15iil05-firmware dpcn58ww
ideapad-5-15itl05-firmware fhcn70ww
ideapad-creator-5-15imh05-firmware egcn40ww
ideapad-gaming-3-15imh05-firmware egcn40ww
l3-15iml05-firmware ejcn30ww
l3-15itl6-firmware gfcn29ww
legion-5-15iah7-firmware j2cn49ww
legion-5-15iah7h-firmware j2cn49ww
legion-5-15imh05-firmware efcn58ww
legion-5-15imh05h-firmware efcn58ww
legion-5-15imh6-firmware g8cn22ww
legion-5-15ith6-firmware h1cn52ww
legion-5-15ith6h-firmware h1cn52ww
legion-5-17imh05-firmware efcn58ww
legion-5-17imh05h-firmware efcn58ww
legion-5-17ith6-firmware h1cn52ww
legion-5-17ith6h-firmware h1cn52ww
legion-5-pro-16iah7-firmware j2cn49ww
legion-5-pro-16iah7h-firmware j2cn49ww
legion-5-pro-16ith6-firmware h1cn52ww
legion-5-pro-16ith6h-firmware h1cn52ww
legion-5p-15imh05-firmware efcn58ww
legion-5p-15imh05h-firmware efcn58ww
legion-7-16iax7-firmware k1cn40ww
legion-7-16ithg6-firmware h1cn52ww
s14-g2-itl-firmware ggcn51ww
s14-g3-iap-firmware jkcn34ww
s540-13itl-firmware fzcn26ww
slim-7-14iap7-firmware jhcn28ww
slim-7-carbon-13iap7-firmware k2cn34ww
slim-7-pro-14ihu5-firmware fjcn74ww
slim-7-prox-14iah7-firmware hmcn41ww
slim-9-14iap7-firmware j3cn49ww
slim-9-14itl05-firmware escn56ww
thinkbook-15p-g2-ith-firmware hjcn32ww
thinkbook-15p-imh-firmware f6cn26ww
v14-g1-iml-firmware dxcn44ww
v14-g2-ijl-firmware htcn31ww
v14-g2-itl-firmware ggcn51ww
v14-g3-iap-firmware jkcn34ww
v14-igl-firmware dvcn28ww
v15-g1-iml-firmware dxcn44ww
v15-g2-ijl-firmware htcn31ww
v15-g2-itl-firmware ggcn51ww
v15-g3-iap-firmware jkcn34ww
v15-igl-firmware dvcn28ww
v17-g2-itl-firmware ggcn51ww
v17-g3-iap-firmware jkcn34ww
v17-iil-firmware emcn56ww
yoga-7-14ial7-firmware j1cn35ww
yoga-7-14itl5-firmware f5cn59ww
yoga-7-15itl5-firmware f5cn59ww
yoga-7-16iah7-firmware j1cn35ww
yoga-7-16iap7-firmware j1cn35ww
yoga-9-14iap7-firmware hncn42ww
yoga-slim-7-carbon-13iap7-firmware k2cn34ww
yoga-slim-7-pro-14iah7-firmware krcn14ww
yoga-slim-7-pro-14iap7-firmware jhcn28ww
yoga-slim-7-pro-14ihu5-firmware fjcn74ww
yoga-slim-7-pro-14ihu5-o-firmware fjcn74ww
yoga-slim-7-pro-14itl5-firmware fjcn74ww
yoga-slim-7-prox-14iah7-firmware hmcn41ww
yoga-slim-9-14iap7-firmware j3cn49ww
yoga-slim-9-14itl05-firmware escn56ww

Similar Threats

Vulnerability Monitoring

Stay informed about vulnerabilities in your stack

BotEraser monitors your WordPress installation and notifies you when software you use appears in our vulnerability database.

Set Up Free Alerts →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.