CVE-2022-3744

Home/CVE/A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local

CVE

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.

MEDIUM · CVSS 6.7 EPSS 0.00028

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-798Use of Hard-coded Credentials

▤

Affected Products & Versions

lenovo ideapad 1 14iau7 firmware< jkcn34ww
lenovo ideapad 1 14igl7 firmware< kkcn15ww
lenovo ideapad 1 15iau7 firmware< jkcn34ww
lenovo ideapad 1 15igl7 firmware< kkcn15ww
lenovo ideapad 1-14ijl7 firmware< htcn31ww
lenovo ideapad 1-15ijl7 firmware< htcn31ww
lenovo ideapad 3 14iau7 firmware< jkcn34ww
lenovo ideapad 3 15iau7 firmware< jkcn34ww
Show all 60 affected productslenovo ideapad 3 17iau7 firmware< jkcn34ww
lenovo ideapad 3-15igl05 firmware< dvcn28ww
lenovo ideapad 3-17iil05 firmware< emcn56ww
lenovo ideapad 3-17itl6 firmware< ggcn51ww
lenovo ideapad 5 15ial7 firmware< jbcn27ww
lenovo ideapad 5-15itl05 firmware< fhcn70ww
lenovo l3-15iml05 firmware< ejcn30ww
lenovo l3-15itl6 firmware< gfcn29ww
lenovo legion 5 15iah7 firmware< j2cn49ww
lenovo legion 5 15iah7h firmware< j2cn49ww
lenovo legion 5 pro 16iah7 firmware< j2cn49ww
lenovo legion 5 pro 16iah7h firmware< j2cn49ww
lenovo legion 5 pro-16ith6 firmware< h1cn52ww
lenovo legion 5 pro-16ith6h firmware< h1cn52ww
lenovo legion 5-15imh05 firmware< efcn58ww
lenovo legion 5-15imh05h firmware< efcn58ww
lenovo legion 5-15imh6 firmware< g8cn22ww
lenovo legion 5-15ith6 firmware< h1cn52ww
lenovo legion 5-15ith6h firmware< h1cn52ww
lenovo legion 5-17imh05 firmware< efcn58ww
lenovo legion 5-17imh05h firmware< efcn58ww
lenovo legion 5-17ith6 firmware< h1cn52ww
lenovo legion 5-17ith6h firmware< h1cn52ww
lenovo legion 5p-15imh05 firmware< efcn58ww
lenovo legion 5p-15imh05h firmware< efcn58ww
lenovo legion 7 16iax7 firmware< k1cn40ww
lenovo legion 7-16ithg6 firmware< h1cn52ww
lenovo s14 g2 itl firmware< ggcn51ww
lenovo s14 g3 iap firmware< jkcn34ww
lenovo slim 7 14iap7 firmware< jhcn28ww
lenovo slim 7 carbon 13iap7 firmware< k2cn34ww
lenovo slim 7 prox 14iah7 firmware< hmcn41ww
lenovo slim 9 14iap7 firmware< j3cn49ww
lenovo thinkbook 15p imh firmware< f6cn26ww
lenovo v14 g2 ijl firmware< htcn31ww
lenovo v14 g3 iap firmware< jkcn34ww
lenovo v15 g2 ijl firmware< htcn31ww
lenovo v15 g3 iap firmware< jkcn34ww
lenovo v17 g3 iap firmware< jkcn34ww
lenovo s540-13itl firmware< fzcn26ww
lenovo slim 7 pro-14ihu5 firmware< fjcn74ww
lenovo slim 9-14itl05 firmware< escn56ww
lenovo thinkbook 15p g2 ith firmware< hjcn32ww
lenovo v14 g1-iml firmware< dxcn44ww
lenovo v14 g2-itl firmware< ggcn51ww
lenovo v14-igl firmware< dvcn28ww
lenovo v15 g1-iml firmware< dxcn44ww
lenovo v15 g2-itl firmware< ggcn51ww
lenovo v15-igl firmware< dvcn28ww
lenovo v17 g2-itl firmware< ggcn51ww
lenovo v17-iil firmware< emcn56ww
lenovo yoga 7 14ial7 firmware< j1cn35ww

▣

Scoring & Timeline

6.7

MEDIUM · CVSS v3.1 · psirt@lenovo.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD23 Aug 2023 · 08:15 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://support.lenovo.com/us/en/product_security/LEN-103710Vendor Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin