New UEFI Firmware Bugs in Lenovo Notebook Models Let Hackers Perform RCE
Three buffer overflow vulnerabilities possess been identified in the UEFI firmware dilapidated in a different of laptops made by Lenovo and can just furthermore be exploited by attackers for the reason for taking attend watch over of windows set up all the device in which by startup.
An advisory has been issued by Lenovo advising that they’ve chanced on three vulnerabilities that are labeled as medium severity.
It’s the ReadyBootDxe driver that is to blame for a pair of of the components showcase in Lenovo notebooks. In the final two circumstances, the driver SystemLoadDefaultDxe has overflow bugs on account of a buffer overflow.
There are a pair of objects that utilize this 2d driver, at the side of:
- Yoga
- IdeaPad
- Flex
- ThinkBook
- V14
- V15
- V130
- Slim
- S145
- S540
- S940 Lenovo lines
The discipline affects over 70 particular particular person objects in total. The attacker would possibly perchance well also just be ready to utilize these flaws in repeat to hijack the execution drift of the OS and then disable the safety functions by leveraging them.
Vulnerabilities Detected
Lenovo Notebook BIOS has been reported to possess the following vulnerabilities:-
- CVE-2022-1890: A buffer overflow has been identified in the ReadyBootDxe driver in some Lenovo notebook products which would possibly perchance well also just allow an attacker with local privileges to get arbitrary code.
- CVE-2022-1891: A buffer overflow has been identified in the SystemLoadDefaultDxe driver in some Lenovo notebook products which would possibly perchance well also just allow an attacker with local privileges to get arbitrary code.
- CVE-2022-1892: A buffer overflow has been identified in the SystemBootManagerDxe driver in some Lenovo notebook products which would possibly perchance well also just allow an attacker with local privileges to get arbitrary code.
The likelihood of an assault on the firmware of the UEFI system is excessively abominable. Since these attacks allow attackers to get malware early in the boot course of of an working system, it is vastly corrupt.
Mitigation
The affected devices ought to be updated to the latest driver version as quickly as most likely in repeat to deal with the safety likelihood. There would possibly perchance be a Lenovo utility download portal where that you would be in a position to also find the whole latest updates to your Lenovo pc pc.
It’s most likely you’ll maybe well maybe perchance furthermore utilize Lenovo’s automatic on-line detector moderately than making an are attempting to determine out what mannequin your pc is whenever you happen to possess got got effort figuring out what mannequin you possess got got.
It’s most likely you’ll maybe well maybe perchance practice us on Linkedin, Twitter, Fb for every single day Cybersecurity updates.
Source credit : cybersecuritynews.com