Details of VAR-202301-2262

ID

VAR-202301-2262

CVE

CVE-2022-40135

TITLE

plural Lenovo Out-of-bounds read vulnerability in model

Trust: 0.8

sources: JVNDB: JVNDB-2022-012877

DESCRIPTION

An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. plural Lenovo An out-of-bounds read vulnerability exists in the model.Information may be obtained

Trust: 1.71

sources: NVD: CVE-2022-40135 // JVNDB: JVNDB-2022-012877 // VULMON: CVE-2022-40135

AFFECTED PRODUCTS

vendor:	lenovo	model:	v55t-15api	scope:	lt	version:	o4dkt43a	Trust: 1.0
vendor:	lenovo	model:	legion t5-26iob6	scope:	lt	version:	o54kt1da	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m6600t	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75n	scope:	lt	version:	m33kt25a	Trust: 1.0
vendor:	lenovo	model:	v30a-22iml	scope:	lt	version:	m37kt28a	Trust: 1.0
vendor:	lenovo	model:	v50t-13iob g2	scope:	lt	version:	m3gkt33a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70c	scope:	lt	version:	m2vkt1da	Trust: 1.0
vendor:	lenovo	model:	qt m410	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p340	scope:	lt	version:	s08kt50a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core \& controller full room kit\: microsoft teams rooms	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	v520	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core \& controller kit\: zoom rooms	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m60e tiny	scope:	lt	version:	m3skt21a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75t gen 2	scope:	lt	version:	m46kt2da	Trust: 1.0
vendor:	lenovo	model:	thinkstation p520c	scope:	lt	version:	s03kt55a	Trust: 1.0
vendor:	lenovo	model:	ideacentre c5-14imb05	scope:	lt	version:	o4hkt38a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m720t	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m818z	scope:	lt	version:	m1ekt25a	Trust: 1.0
vendor:	lenovo	model:	v530-15icb	scope:	lt	version:	m1ykt70a	Trust: 1.0
vendor:	lenovo	model:	thinksystem st58	scope:	lt	version:	ite123e	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75q gen 2	scope:	lt	version:	m47kt24a	Trust: 1.0
vendor:	lenovo	model:	ideacentre t540-15ama g	scope:	lt	version:	m2ckt4da	Trust: 1.0
vendor:	lenovo	model:	v530-15arr	scope:	lt	version:	o4dkt43a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m710s	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75s gen 2	scope:	lt	version:	m46kt2da	Trust: 1.0
vendor:	lenovo	model:	v330-20icb	scope:	lt	version:	m1qkt47a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core \& controller kit\: microsoft teams rooms	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	ideacentre 510s-07ick	scope:	lt	version:	m30kt26a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core device for logitech	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	qt b415	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	v30a-24iml	scope:	lt	version:	m37kt28a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m910x	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	ideacentre a340-22igm	scope:	lt	version:	o51kt12a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5-14imb05	scope:	lt	version:	o4hkt38a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m820z	scope:	lt	version:	m1nkt58a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 510a-15arr	scope:	lt	version:	o4dkt43a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m920x	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 510a-15ick	scope:	lt	version:	o4kkt16a	Trust: 1.0
vendor:	lenovo	model:	ideacentre gaming 5 17iab7	scope:	lt	version:	m42kt40a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m720s	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	legion t5-28icb05	scope:	lt	version:	o4bkt20a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70q gen 3	scope:	lt	version:	m43kt16a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core device for poly	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	v35s-07ada	scope:	lt	version:	o4fkt29a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m920s	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	ideacentre gaming 5-14iob6	scope:	lt	version:	m3gkt33a	Trust: 1.0
vendor:	lenovo	model:	ideacentre t540-15ick	scope:	lt	version:	o4kkt16a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p330 tiny	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	ideacentre gaming 5 17acn7	scope:	lt	version:	o5ekt21a	Trust: 1.0
vendor:	lenovo	model:	stadia ggp-120	scope:	lt	version:	s03kt55a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 3 07iab7	scope:	lt	version:	m49kt1da	Trust: 1.0
vendor:	lenovo	model:	ideacentre 510-15ick	scope:	lt	version:	o4kkt16a	Trust: 1.0
vendor:	lenovo	model:	ideacentre g5-14amr05	scope:	lt	version:	o4zkt29a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70q	scope:	lt	version:	m2wkt57a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m610	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m6600q	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	thinkstation p620	scope:	lt	version:	s07kt25a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m920q	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75q-1	scope:	lt	version:	m2fkt2da	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m720e	scope:	lt	version:	m30kt26a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m810z	scope:	lt	version:	m1ckt49a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p520	scope:	lt	version:	s03kt55a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p310	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	qt m415	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	v530s-07icb	scope:	lt	version:	m22kt48a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 3-07ada05	scope:	lt	version:	o4fkt29a	Trust: 1.0
vendor:	lenovo	model:	v50s-07imb	scope:	lt	version:	m2vkt1da	Trust: 1.0
vendor:	lenovo	model:	v50t-13imb	scope:	lt	version:	o4hkt38a	Trust: 1.0
vendor:	lenovo	model:	legion t530-28apr	scope:	lt	version:	o4gkt16a	Trust: 1.0
vendor:	lenovo	model:	v530-15icr	scope:	lt	version:	m2ykt31a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p348	scope:	lt	version:	m3kkt34a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m920t	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	ideacentre g5-14imb05	scope:	lt	version:	o4hkt38a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre neo 50t gen 3	scope:	lt	version:	m42kt40a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre e96z	scope:	lt	version:	m26kt22a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70a	scope:	lt	version:	m2skt25a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m90a gen2	scope:	lt	version:	m3lkt26a	Trust: 1.0
vendor:	lenovo	model:	v50a-22imb	scope:	lt	version:	m36kt28a	Trust: 1.0
vendor:	lenovo	model:	yoga a940-27icb	scope:	lt	version:	o43kt43a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p320 tiny	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m910q	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m80q	scope:	lt	version:	m2wkt57a	Trust: 1.0
vendor:	lenovo	model:	v520s	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p350 tiny	scope:	lt	version:	m3jkt34a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m710e	scope:	lt	version:	m1zkt38a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 510s-07icb	scope:	lt	version:	m22kt47a	Trust: 1.0
vendor:	lenovo	model:	v530-24icb	scope:	lt	version:	m20kt52a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5-14iob6	scope:	lt	version:	m3gkt33a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m710t	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre neo 50s gen 3	scope:	lt	version:	m49kt1da	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5-14are05	scope:	lt	version:	o4zkt29a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p340 tiny	scope:	lt	version:	m2wkt57a	Trust: 1.0
vendor:	lenovo	model:	legion t530-28icb	scope:	lt	version:	o4bkt20a	Trust: 1.0
vendor:	lenovo	model:	legion t7-34imz5	scope:	lt	version:	o4lkt1ea	Trust: 1.0
vendor:	lenovo	model:	thinksmart hub teams	scope:	lt	version:	m2xkt20a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m75s-1	scope:	lt	version:	m2ckt4da	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m715q	scope:	lt	version:	m11kt54a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m6600s	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m710q	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p318	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	ideacentre a340-24igm	scope:	lt	version:	o51kt12a	Trust: 1.0
vendor:	lenovo	model:	qitian a815	scope:	lt	version:	m1rkt38a	Trust: 1.0
vendor:	lenovo	model:	thinksmart hub zoom	scope:	lt	version:	m2xkt20a	Trust: 1.0
vendor:	lenovo	model:	thinkstation p350	scope:	lte	version:	s0akt34a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70t gen 3	scope:	lt	version:	m41kt2da	Trust: 1.0
vendor:	lenovo	model:	ideacentre gaming 5-14acn6	scope:	lt	version:	o5ekt21a	Trust: 1.0
vendor:	lenovo	model:	yangtian afq150	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70a gen 2	scope:	lt	version:	m3nkt20a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core \& controller full room kit\: zoom rooms	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m715t	scope:	lt	version:	m2ckt4da	Trust: 1.0
vendor:	lenovo	model:	v530s-07icr	scope:	lt	version:	m30kt26a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70q gen 2	scope:	lt	version:	m2wkt57a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre e75 t\/s	scope:	lt	version:	m16kt68a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5-14acn6	scope:	lt	version:	o5ekt21a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 720-18apr	scope:	lt	version:	m25kt61a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m90a	scope:	lt	version:	m2rkt52a	Trust: 1.0
vendor:	lenovo	model:	v50a-24imb	scope:	lt	version:	m36kt28a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m90q gen 2	scope:	lt	version:	m3jkt34a	Trust: 1.0
vendor:	lenovo	model:	legion c530-19icb	scope:	lt	version:	o4bkt20a	Trust: 1.0
vendor:	lenovo	model:	v55t-15are	scope:	lt	version:	o4dkt43a	Trust: 1.0
vendor:	lenovo	model:	yta8900f	scope:	lt	version:	fwktbaa	Trust: 1.0
vendor:	lenovo	model:	v55t gen 2 13acn	scope:	lt	version:	o5jkt20a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m630e	scope:	lt	version:	m28kt37a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m70s gen 3	scope:	lt	version:	m41kt2da	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m910s	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 3-07imb05	scope:	lt	version:	m2vkt1da	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5 14iab7	scope:	lt	version:	m42kt40a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m625q	scope:	lt	version:	m1wkt45a	Trust: 1.0
vendor:	lenovo	model:	ideacentre creator 5-14iob6	scope:	lte	version:	m3gkt33a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m720q	scope:	lt	version:	m1ukt67a	Trust: 1.0
vendor:	lenovo	model:	thinksmart core device\: zoom rooms	scope:	eq	version:	-	Trust: 1.0
vendor:	lenovo	model:	v530-22icb	scope:	lt	version:	m20kt52a	Trust: 1.0
vendor:	lenovo	model:	thinkedge se30	scope:	lt	version:	m3fkt29a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m90q tiny	scope:	lt	version:	m2wkt57a	Trust: 1.0
vendor:	lenovo	model:	thinksystem st50	scope:	lt	version:	ite123e	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m725s	scope:	lt	version:	m25kt61a	Trust: 1.0
vendor:	lenovo	model:	thinkcentre m910t	scope:	lt	version:	m1akt56a	Trust: 1.0
vendor:	lenovo	model:	v540-24iwl	scope:	lt	version:	m29kt39a	Trust: 1.0
vendor:	lenovo	model:	ideacentre 5-14imb05	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre g5-14imb05	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre 5 14iab7	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre creator 5-14iob6	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	thinkcentre e96z	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre 5-14acn6	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre c5-14imb05	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre 5-14iob6	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre 3-07imb05	scope:	-	version:	-	Trust: 0.8
vendor:	lenovo	model:	ideacentre 3 07iab7	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-012877 // NVD: CVE-2022-40135

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2022-40135
value:	MEDIUM
Trust: 1.0
psirt@lenovo.com:	CVE-2022-40135
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2022-012877
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202301-2382
value:	MEDIUM
Trust: 0.6

NVD:
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	0.8
impactScore:	3.6
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2022-012877
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-012877 // NVD: CVE-2022-40135 // NVD: CVE-2022-40135 // CNNVD: CNNVD-202301-2382

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-012877 // NVD: CVE-2022-40135

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202301-2382

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202301-2382

CONFIGURATIONS

sources: NVD: CVE-2022-40135

PATCH

title:	LEN-94953	url:	https://support.lenovo.com/us/en/product_security/len-94953	Trust: 0.8
title:	Lenovo Desktops Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=225282	Trust: 0.6
title:	-	url:	https://github.com/live-hack-cve/cve-2022-40135	Trust: 0.1

sources: VULMON: CVE-2022-40135 // JVNDB: JVNDB-2022-012877 // CNNVD: CNNVD-202301-2382

EXTERNAL IDS

db:	NVD	id:	CVE-2022-40135	Trust: 3.3
db:	LENOVO	id:	LEN-94953	Trust: 1.7
db:	JVNDB	id:	JVNDB-2022-012877	Trust: 0.8
db:	CNNVD	id:	CNNVD-202301-2382	Trust: 0.6
db:	VULMON	id:	CVE-2022-40135	Trust: 0.1

sources: VULMON: CVE-2022-40135 // JVNDB: JVNDB-2022-012877 // NVD: CVE-2022-40135 // CNNVD: CNNVD-202301-2382

REFERENCES

url:	https://support.lenovo.com/us/en/product_security/len-94953	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-40135	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-40135/	Trust: 0.6
url:	https://github.com/live-hack-cve/cve-2022-40135	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2022-40135 // JVNDB: JVNDB-2022-012877 // NVD: CVE-2022-40135 // CNNVD: CNNVD-202301-2382

SOURCES

db:	VULMON	id:	CVE-2022-40135
db:	JVNDB	id:	JVNDB-2022-012877
db:	NVD	id:	CVE-2022-40135
db:	CNNVD	id:	CNNVD-202301-2382

LAST UPDATE DATE

2023-12-18T13:06:17.844000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-40135	date:	2023-01-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-012877	date:	2023-09-04T01:53:00
db:	NVD	id:	CVE-2022-40135	date:	2023-02-14T14:28:34.773
db:	CNNVD	id:	CNNVD-202301-2382	date:	2023-02-15T00:00:00

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-40135	date:	2023-01-30T00:00:00
db:	JVNDB	id:	JVNDB-2022-012877	date:	2023-09-04T00:00:00
db:	NVD	id:	CVE-2022-40135	date:	2023-01-30T22:15:12.257
db:	CNNVD	id:	CNNVD-202301-2382	date:	2023-01-30T00:00:00