🛡️ CVE-2022-40136
🟡 CVSS 4.4 — Medium ✅ No Known Exploit CWE-125 NVD
4.4
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.

Details

Severity MEDIUM
CVSS Score 4.4
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE CWE-125
Public Exploit ✅ No
Source NVD
Published 2023-01-30
Updated 2026-06-08
Modified 2024-11-21
Fix URL N/A

Affected Packages

Software From version Fixed in
ideacentre-3-07ada05-firmware o4fkt29a
ideacentre-3-07iab7-firmware m49kt1da
ideacentre-3-07imb05-firmware m2vkt1da
ideacentre-5-14acn6-firmware o5ekt21a
ideacentre-5-14are05-firmware o4zkt29a
ideacentre-5-14iab7-firmware m42kt40a
ideacentre-5-14imb05-firmware o4hkt38a
ideacentre-5-14iob6-firmware m3gkt33a
ideacentre-510-15ick-firmware o4kkt16a
ideacentre-510a-15arr-firmware o4dkt43a
ideacentre-510a-15ick-firmware o4kkt16a
ideacentre-510s-07icb-firmware m22kt47a
ideacentre-510s-07ick-firmware m30kt26a
ideacentre-720-18apr-firmware m25kt61a
ideacentre-a340-22igm-firmware o51kt12a
ideacentre-a340-24igm-firmware o51kt12a
ideacentre-c5-14imb05-firmware o4hkt38a
ideacentre-creator-5-14iob6-firmware m3gkt33a
ideacentre-g5-14amr05-firmware o4zkt29a
ideacentre-g5-14imb05-firmware o4hkt38a
ideacentre-gaming-5-14acn6-firmware o5ekt21a
ideacentre-gaming-5-14iob6-firmware m3gkt33a
ideacentre-gaming-5-17acn7-firmware o5ekt21a
ideacentre-gaming-5-17iab7-firmware m42kt40a
ideacentre-t540-15ama-g-firmware m2ckt4da
ideacentre-t540-15ick-firmware o4kkt16a
legion-c530-19icb-firmware o4bkt20a
legion-t5-26iob6-firmware o54kt1da
legion-t5-28icb05-firmware o4bkt20a
legion-t530-28apr-firmware o4gkt16a
legion-t530-28icb-firmware o4bkt20a
legion-t7-34imz5-firmware o4lkt1ea
qitian-a815-firmware m1rkt38a
qt-b415-firmware m16kt68a
qt-m410-firmware m16kt68a
qt-m415-firmware m16kt68a
stadia-ggp-120-firmware s03kt55a
thinkcentre-e75-t\/s-firmware m16kt68a
thinkcentre-e96z-firmware m26kt22a
thinkcentre-m60e-tiny-firmware m3skt21a
thinkcentre-m610-firmware m1akt56a
thinkcentre-m625q-firmware m1wkt45a
thinkcentre-m630e-firmware m28kt37a
thinkcentre-m6600q-firmware fwktbaa
thinkcentre-m6600s-firmware fwktbaa
thinkcentre-m6600t-firmware fwktbaa
thinkcentre-m70a-firmware m2skt25a
thinkcentre-m70a-gen-2-firmware m3nkt20a
thinkcentre-m70c-firmware m2vkt1da
thinkcentre-m70q-firmware m2wkt57a
thinkcentre-m70q-gen-2-firmware m2wkt57a
thinkcentre-m70q-gen-3-firmware m43kt16a
thinkcentre-m70s-firmware m2tkt50a
thinkcentre-m70s-gen-3-firmware m41kt2da
thinkcentre-m70t-firmware m2tkt50a
thinkcentre-m70t-gen-3-firmware m41kt2da
thinkcentre-m710e-firmware m1zkt38a
thinkcentre-m710q-firmware m1akt56a
thinkcentre-m710s-firmware m16kt68a
thinkcentre-m710t-firmware m16kt68a
thinkcentre-m715q-firmware m11kt54a
thinkcentre-m715t-firmware m2ckt4da
thinkcentre-m720e-firmware m30kt26a
thinkcentre-m720q-firmware m1ukt67a
thinkcentre-m720s-firmware m1ukt67a
thinkcentre-m720t-firmware m1ukt67a
thinkcentre-m725s-firmware m25kt61a
thinkcentre-m75n-firmware m33kt25a
thinkcentre-m75q-1-firmware m2fkt2da
thinkcentre-m75q-gen-2-firmware m47kt24a
thinkcentre-m75s-1-firmware m2ckt4da
thinkcentre-m75s-gen-2-firmware m46kt2da
thinkcentre-m75t-gen-2-firmware m46kt2da
thinkcentre-m800-firmware fwktbfa
thinkcentre-m80q-firmware m2wkt57a
thinkcentre-m80s-firmware m2tkt50a
thinkcentre-m80t-firmware m2tkt50a
thinkcentre-m810z-firmware m1ckt49a
thinkcentre-m818z-firmware m1ekt25a
thinkcentre-m820z-firmware m1nkt58a
thinkcentre-m900-firmware fwktbfa
thinkcentre-m900x-firmware fwktbfa
thinkcentre-m90a-firmware m2rkt52a
thinkcentre-m90a-gen2-firmware m3lkt26a
thinkcentre-m90q-gen-2-firmware m3jkt34a
thinkcentre-m90q-tiny-firmware m2wkt57a
thinkcentre-m90s-firmware m2tkt50a
thinkcentre-m910q-firmware m1akt56a
thinkcentre-m910s-firmware m1akt56a
thinkcentre-m910t-firmware m1akt56a
thinkcentre-m910x-firmware m1akt56a
thinkcentre-m920q-firmware m1ukt67a
thinkcentre-m920s-firmware m1ukt67a
thinkcentre-m920t-firmware m1ukt67a
thinkcentre-m920x-firmware m1ukt67a
thinkcentre-neo-50s-gen-3-firmware m49kt1da
thinkcentre-neo-50t-gen-3-firmware m42kt40a
thinkedge-se30-firmware m3fkt29a
thinksmart-core-\&-controller-full-room-kit\
thinksmart-core-\&-controller-kit\
thinksmart-core-device-for-logitech-firmware
thinksmart-core-device-for-poly-firmware
thinksmart-core-device\
thinksmart-hub-teams-firmware m2xkt20a
thinksmart-hub-zoom-firmware m2xkt20a
thinkstation-p310-firmware fwktbaa
thinkstation-p318-firmware m1akt56a
thinkstation-p320-firmware s06kt59a
thinkstation-p320-tiny-firmware m1akt56a
thinkstation-p330-tiny-firmware m1ukt67a
thinkstation-p340-firmware s08kt50a
thinkstation-p340-tiny-firmware m2wkt57a
thinkstation-p348-firmware m3kkt34a
thinkstation-p350-firmware s0akt34a
thinkstation-p350-tiny-firmware m3jkt34a
thinkstation-p520-firmware s03kt55a
thinkstation-p520c-firmware s03kt55a
thinkstation-p620-firmware s07kt25a
thinkstation-p720-firmware s05kt62a
thinkstation-p920-firmware s05kt62a
thinksystem-st50-firmware ite123e
thinksystem-st58-firmware ite123e
v30a-22iml-firmware m37kt28a
v30a-24iml-firmware m37kt28a
v330-20icb-firmware m1qkt47a
v35s-07ada-firmware o4fkt29a
v50a-22imb-firmware m36kt28a
v50a-24imb-firmware m36kt28a
v50s-07imb-firmware m2vkt1da
v50t-13imb-firmware o4hkt38a
v50t-13iob-g2-firmware m3gkt33a
v520-firmware m16kt68a
v520s-firmware m16kt68a
v530-15arr-firmware o4dkt43a
v530-15icb-firmware m1ykt70a
v530-15icr-firmware m2ykt31a
v530-22icb-firmware m20kt52a
v530-24icb-firmware m20kt52a
v530s-07icb-firmware m22kt48a
v530s-07icr-firmware m30kt26a
v540-24iwl-firmware m29kt39a
v55t-15api-firmware o4dkt43a
v55t-15are-firmware o4dkt43a
v55t-gen-2-13acn-firmware o5jkt20a
yangtian-afq150-firmware fwktbaa
yoga-a940-27icb-firmware o43kt43a
yta8900f-firmware fwktbaa

Similar Threats

Site Security Check

Concerned your site may already be targeted?

BotEraser analyzes incoming traffic patterns and helps identify bot behavior consistent with known exploit attempts.

Check My Site Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.