CVE-2022-48183
CVE-2022-48183
In short
The BIOS tamper detection in certain ThinkPad models can fail to activate under specific conditions, potentially allowing someone to modify the system firmware without triggering security alerts.
Technical detail
A bypass in the BIOS tamper detection mechanism on ThinkPad T14s Gen 3 and X13 Gen 3 fails to trigger under specific circumstances, enabling unauthorized firmware modification. An attacker with physical access could exploit this to alter BIOS settings or inject malicious code while evading detection mechanisms.
Summary generated and translated by AI from the official description.
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Affected products
Lenovo · ThinkPad T14s Gen 3 BIOS - LinuxLenovo · ThinkPad T14s X13 Gen3 BIOS - WindowsLenovo · ThinkPad X13 Gen3 BIOS - LinuxLenovo · ThinkPad X13 Gen3 BIOS - WindowsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →