Heads up, Lenovo customers! Your laptop might need a major update, as Lenovo has addressed multiple UEFI firmware vulnerabilities in its latest release. These vulnerabilities affect over 70 different Lenovo laptop models and call for urgent updates.
Lenovo UEFI Firmware Vulnerabilities
According to a new advisory, Lenovo has recently fixed multiple security vulnerabilities in its UEFI firmware. Specifically, the company has patched three different bugs in the firmware that undermine the security of more than 70 Lenovo laptop models.
These bugs include:
- CVE-2022-1890: a buffer overflow vulnerability in the ReadyBootDxe driver. Exploiting the bug could allow an adversary to gain elevated privileges and execute arbitrary code on the target systems.
- CVE-2022-1891: a buffer overflow vulnerability in the SystemLoadDefaultDxe driver. Exploiting this bug could lead to local privilege escalation, allowing an attacker to execute arbitrary code.
- CVE-2022-1892: another buffer overflow vulnerability. This bug affected the SystemBootManagerDxe driver, allowing an adversary local privilege escalation and subsequent code execution.
Lenovo has shared a detailed list of all impacted models in its advisory, which includes numerous laptops from the Lenovo Flex, IdeaPad, ThinkBook, Yoga, and Yoga Slim series. Users can check the advisory to see whether their device models are on the list. If so, they should update their system firmware to the latest patched version as soon as possible.
While security updates always demand quick attention, bugs that affect the firmware are especially critical owing to their impact. According to the ESET researchers who found these vulnerabilities in Lenovo UEFI firmware, exploiting these bugs could allow an attacker to hijack the OS execution flow.
Regarding the impact of these vulnerabilities, ESET researchers explained in their tweet:
These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call.
They also explain that such vulnerabilities can be detected with the IDA plugin efiXplorer. Although the plugin could not detect these particular flaws at the time of discovery, it can now do so, helping other researchers find similar bugs quickly.
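The DataSize flaw described in the tweet, shown as an added example that is not Lenovo's or ESET's code: a simplified model of the two-call pattern next to a hardened version. The mock function, status names, buffer sizes and guard-zone arena are all assumptions made so the overflow can be measured safely outside firmware.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins for UEFI status codes (not the real numeric values). */
enum status { ST_SUCCESS, ST_BUFFER_TOO_SMALL, ST_BAD_BUFFER_SIZE };

#define BUF_LEN 16              /* size of the caller's fixed Data buffer */
#define VAR_LEN 48              /* constructed oversized NVRAM variable   */

/* Mock with GetVariable's in/out DataSize behaviour: when the buffer is too
 * small, DataSize is overwritten with the size the variable really needs. */
static enum status mock_get_variable(size_t *DataSize, uint8_t *Data) {
    if (*DataSize < VAR_LEN) { *DataSize = VAR_LEN; return ST_BUFFER_TOO_SMALL; }
    memset(Data, 0x41, VAR_LEN);
    *DataSize = VAR_LEN;
    return ST_SUCCESS;
}

/* Arena: first BUF_LEN bytes are the "Data buffer", the rest is a guard zone
 * so the overflow stays inside defined memory and can be measured. */
static uint8_t arena[BUF_LEN + VAR_LEN];

static size_t guard_bytes_clobbered(void) {
    size_t n = 0;
    for (size_t i = BUF_LEN; i < sizeof arena; i++) n += (arena[i] != 0);
    return n;
}

/* Flawed pattern: DataSize is not reset or checked before the second call. */
size_t read_unchecked(void) {
    size_t DataSize = BUF_LEN;
    memset(arena, 0, sizeof arena);
    if (mock_get_variable(&DataSize, arena) == ST_BUFFER_TOO_SMALL)
        mock_get_variable(&DataSize, arena);   /* DataSize is now VAR_LEN */
    return guard_bytes_clobbered();
}

/* Hardened pattern: reject any size larger than the real buffer. */
enum status read_checked(size_t *clobbered) {
    size_t DataSize = BUF_LEN;
    memset(arena, 0, sizeof arena);
    enum status st = mock_get_variable(&DataSize, arena);
    if (st == ST_BUFFER_TOO_SMALL && DataSize > BUF_LEN)
        st = ST_BAD_BUFFER_SIZE;               /* refuse instead of retrying */
    *clobbered = guard_bytes_clobbered();
    return st;
}
```

When auditing firmware, the thing to look for is a DataSize variable that reaches a second GetVariable call without being reassigned to the real buffer length.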
Let us know your thoughts in the comments.