CVE-2022-3430

medium

Description

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

References

https://support.lenovo.com/us/en/product_security/LEN-94952

Details

Source: Mitre, NVD

Published: 2023-01-23

Updated: 2023-02-03

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H