A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
Affected:< frcn23wwFixed in:frcn23wwCVE-2022-1892derived from NVD
100w gen 3 firmwareNVD
Affected:< gacn38wwFixed in:gacn38wwCVE-2022-1892derived from NVD
13w yoga firmwareNVD
Affected:< jacn31wwFixed in:jacn31wwCVE-2022-1892derived from NVD
14w gen 2 firmwareNVD
Affected:< h0cn21wwFixed in:h0cn21wwCVE-2022-1892derived from NVD
300e 2nd gen firmwareNVD
Affected:< frcn23wwFixed in:frcn23wwCVE-2022-1892derived from NVD
300w gen 3 firmwareNVD
Affected:< gacn38wwFixed in:gacn38wwCVE-2022-1892derived from NVD
500w gen 3 firmwareNVD
Affected:< g6cn40wwFixed in:g6cn40wwCVE-2022-1892derived from NVD
730s-13iml firmwareNVD
Affected:< brcn20wwFixed in:brcn20wwCVE-2022-1892derived from NVD
flex 3-11ada05 firmwareNVD
Affected:< fpcn26wwFixed in:fpcn26wwCVE-2022-1892derived from NVD
flex 5-14alc05 firmwareNVD
Affected:< gjcn27wwFixed in:gjcn27wwCVE-2022-1892derived from NVD
flex 5-14are05 firmwareNVD
Affected:< eecn39wwFixed in:eecn39wwCVE-2022-1892derived from NVD
flex 5-14iil05 firmwareNVD
Affected:< eecn40wwFixed in:eecn40wwCVE-2022-1892derived from NVD
flex 5-14itl05 firmwareNVD
Affected:< fxcn38wwFixed in:fxcn38wwCVE-2022-1892derived from NVD
flex 5-15alc05 firmwareNVD
Affected:< gjcn27wwFixed in:gjcn27wwCVE-2022-1892derived from NVD
flex 5-15iil05 firmwareNVD
Affected:< eccn40wwFixed in:eccn40wwCVE-2022-1892derived from NVD
flex 5-15itl05 firmwareNVD
Affected:< fxcn38wwFixed in:fxcn38wwCVE-2022-1892derived from NVD
ideapad 1-11ada05 firmwareNVD
Affected:< fqcn26wwFixed in:fqcn26wwCVE-2022-1892derived from NVD
ideapad 1-11igl05 firmwareNVD
Affected:< dwcn24wwFixed in:dwcn24wwCVE-2022-1892derived from NVD
ideapad 1-14ada05 firmwareNVD
Affected:< fqcn26wwFixed in:fqcn26wwCVE-2022-1892derived from NVD
ideapad 1-14igl05 firmwareNVD
Affected:< dwcn24wwFixed in:dwcn24wwCVE-2022-1892derived from NVD
ideapad 3-14ada05 firmwareNVD
Affected:< e8cn36wwFixed in:e8cn36wwCVE-2022-1892derived from NVD
ideapad 3-14ada6 firmwareNVD
Affected:< hbcn24wwFixed in:hbcn24wwCVE-2022-1892derived from NVD
ideapad 3-14alc6 firmwareNVD
Affected:< glcn48wwFixed in:glcn48wwCVE-2022-1892derived from NVD
ideapad 3-15ada05 firmwareNVD
Affected:< e8cn36wwFixed in:e8cn36wwCVE-2022-1892derived from NVD
ideapad 3-15ada6 firmwareNVD
Affected:< hbcn24wwFixed in:hbcn24wwCVE-2022-1892derived from NVD
ideapad 3-15alc6 firmwareNVD
Affected:< glcn48wwFixed in:glcn48wwCVE-2022-1892derived from NVD
ideapad 3-17ada05 firmwareNVD
Affected:< hbcn24wwFixed in:hbcn24wwCVE-2022-1892derived from NVD
ideapad 3-17ada6 firmwareNVD
Affected:< glcn48wwFixed in:glcn48wwCVE-2022-1892derived from NVD
ideapad 3-17alc6 firmwareNVD
Affected:< e8cn36wwFixed in:e8cn36wwCVE-2022-1892derived from NVD
ideapad 5-15alc05 firmwareNVD
Affected:< h2cn27wwFixed in:h2cn27wwCVE-2022-1892derived from NVD
ideapad 5 15aba7 firmwareNVD
Affected:< kacn14wwFixed in:kacn14wwCVE-2022-1892derived from NVD
ideapad flex 5 14alc7 firmwareNVD
Affected:< jccn29wwFixed in:jccn29wwCVE-2022-1892derived from NVD
ideapad flex 5 16alc7 firmwareNVD
Affected:< jccn29wwFixed in:jccn29wwCVE-2022-1892derived from NVD
ideapad s940-14iil firmwareNVD
Affected:< bqcn34wwFixed in:bqcn34wwCVE-2022-1892derived from NVD
ideapad slim 1-11ast-05 firmwareNVD
Affected:< cwcn25wwFixed in:cwcn25wwCVE-2022-1892derived from NVD
ideapad slim 1-14ast-05 firmwareNVD
Affected:< cwcn25wwFixed in:cwcn25wwCVE-2022-1892derived from NVD
legion s7-15ach6 firmwareNVD
Affected:< g1cn27wwFixed in:g1cn27wwCVE-2022-1892derived from NVD
legion s7-15arh5 firmwareNVD
Affected:< fdcn40wwFixed in:fdcn40wwCVE-2022-1892derived from NVD
legion s7-15imh5 firmwareNVD
Affected:< hacn37wwFixed in:hacn37wwCVE-2022-1892derived from NVD
s145-14api firmwareNVD
Affected:< bucn33wwFixed in:bucn33wwCVE-2022-1892derived from NVD
s145-14ast firmwareNVD
Affected:< aycn28wwFixed in:aycn28wwCVE-2022-1892derived from NVD
s145-15api firmwareNVD
Affected:< bucn33wwFixed in:bucn33wwCVE-2022-1892derived from NVD
s145-15ast firmwareNVD
Affected:< aycn28wwFixed in:aycn28wwCVE-2022-1892derived from NVD
s540-13api firmwareNVD
Affected:< cxcn36wwFixed in:cxcn36wwCVE-2022-1892derived from NVD
thinkbook 13s-iml firmwareNVD
Affected:< cqcn37wwFixed in:cqcn37wwCVE-2022-1892derived from NVD
thinkbook 13s g2 are firmwareNVD
Affected:< fvcn24wwFixed in:fvcn24wwCVE-2022-1892derived from NVD
thinkbook 13s g2 itl firmwareNVD
Affected:< f9cn50wwFixed in:f9cn50wwCVE-2022-1892derived from NVD
thinkbook 13s g3 acn firmwareNVD
Affected:< gmcn29wwFixed in:gmcn29wwCVE-2022-1892derived from NVD
thinkbook 14-iil firmwareNVD
Affected:< djcn28wwFixed in:djcn28wwCVE-2022-1892derived from NVD
thinkbook 14-iml firmwareNVD
Affected:< cjcn38wwFixed in:cjcn38wwCVE-2022-1892derived from NVD
thinkbook 14p g2 ach firmwareNVD
Affected:< gwcn41wwFixed in:gwcn41wwCVE-2022-1892derived from NVD
thinkbook 14s-iml firmwareNVD
Affected:< cqcn37wwFixed in:cqcn37wwCVE-2022-1892derived from NVD
thinkbook 14s g2 itl firmwareNVD
Affected:< f9cn50wwFixed in:f9cn50wwCVE-2022-1892derived from NVD
thinkbook 15-iil firmwareNVD
Affected:< djcn28wwFixed in:djcn28wwCVE-2022-1892derived from NVD
thinkbook 15-iml firmwareNVD
Affected:< cjcn38wwFixed in:cjcn38wwCVE-2022-1892derived from NVD
thinkbook 16p g2 ach firmwareNVD
Affected:< gxcn42wwFixed in:gxcn42wwCVE-2022-1892derived from NVD
v130-15ikb firmwareNVD
Affected:< 8vcn31wwFixed in:8vcn31wwCVE-2022-1892derived from NVD
v14-ada firmwareNVD
Affected:< e8cn36wwFixed in:e8cn36wwCVE-2022-1892derived from NVD
v14 g2-alc firmwareNVD
Affected:< glcn48wwFixed in:glcn48wwCVE-2022-1892derived from NVD
v15-ada firmwareNVD
Affected:< e8cn36wwFixed in:e8cn36wwCVE-2022-1892derived from NVD
v15 g2-alc firmwareNVD
Affected:< glcn48wwFixed in:glcn48wwCVE-2022-1892derived from NVD
yoga 9-15imh5 firmwareNVD
Affected:< epcn28wwFixed in:epcn28wwCVE-2022-1892derived from NVD
yoga c640-13iml firmwareNVD
Affected:< chcn28wwFixed in:chcn28wwCVE-2022-1892derived from NVD
yoga c640-13iml lte firmwareNVD
Affected:< chcn28wwFixed in:chcn28wwCVE-2022-1892derived from NVD
yoga c940-15irh firmwareNVD
Affected:< bscn37wwFixed in:bscn37wwCVE-2022-1892derived from NVD
yoga s730-13iml firmwareNVD
Affected:< brcn20wwFixed in:brcn20wwCVE-2022-1892derived from NVD
yoga s940-14iil firmwareNVD
Affected:< bqcn34wwFixed in:bqcn34wwCVE-2022-1892derived from NVD
yoga slim 7 pro-14ach5 firmwareNVD
Affected:< gzcn29wwFixed in:gzcn29wwCVE-2022-1892derived from NVD
yoga slim 7 pro-14ach5 o firmwareNVD
Affected:< gzcn29wwFixed in:gzcn29wwCVE-2022-1892derived from NVD
yoga slim 7 pro-14arh5 firmwareNVD
Affected:< gzcn24wwFixed in:gzcn24wwCVE-2022-1892derived from NVD
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploit Intelligence
0.34%probability of exploitation in 30 days
26thpercentile
Low risk: more likely to be exploited than 26% of all known CVEs.
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.