CVE & CISA-KEV Catalog

CVE-2022-48181

MEDIUM
6.7
CVSS v3
NVD

Description

An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models could allow an attacker with local access to elevate their privileges and execute arbitrary code.

How to fix

Remediation Available
ideacentre 3-07ada05 firmwareNVD
Affected:< m4mkt12aFixed in:m4mkt12aCVE-2022-48181derived from NVD
ideacentre 3-07imb05 firmwareNVD
Affected:< m2vkt1eaFixed in:m2vkt1eaCVE-2022-48181derived from NVD
ideacentre 3 07ach7 firmwareNVD
Affected:< m4mkt12aFixed in:m4mkt12aCVE-2022-48181derived from NVD
ideacentre 3 07iab7 firmwareNVD
Affected:< m49kt21aFixed in:m49kt21aCVE-2022-48181derived from NVD
ideacentre 5-14acn6 firmwareNVD
Affected:< o5ekt24aFixed in:o5ekt24aCVE-2022-48181derived from NVD
ideacentre 5-14are05 firmwareNVD
Affected:< o4zkt2aaFixed in:o4zkt2aaCVE-2022-48181derived from NVD
ideacentre 5-14imb05 firmwareNVD
Affected:< o4hkt3aaFixed in:o4hkt3aaCVE-2022-48181derived from NVD
ideacentre 5-14iob6 firmwareNVD
Affected:< m3gkt3aaFixed in:m3gkt3aaCVE-2022-48181derived from NVD
ideacentre 510s-07icb firmwareNVD
Affected:< m22kt49aFixed in:m22kt49aCVE-2022-48181derived from NVD
ideacentre 510s-07ick firmwareNVD
Affected:< m1zkt40aFixed in:m1zkt40aCVE-2022-48181derived from NVD
ideacentre 5 14iab7 firmwareNVD
Affected:< m42kt42aFixed in:m42kt42aCVE-2022-48181derived from NVD
ideacentre 720-18apr firmwareNVD
Affected:< m25kt63aFixed in:m25kt63aCVE-2022-48181derived from NVD
ideacentre aio 3-22imb05 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 3-22itl6 firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
ideacentre aio 3-24alc6 firmwareNVD
Affected:< o5bkt25aFixed in:o5bkt25aCVE-2022-48181derived from NVD
ideacentre aio 3-24imb05 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 3-24itl6 firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
ideacentre aio 3-27alc6 firmwareNVD
Affected:< o5bkt25aFixed in:o5bkt25aCVE-2022-48181derived from NVD
ideacentre aio 3-27imb05 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 3-27itl6 firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
ideacentre aio 3 21itl7 firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
ideacentre aio 3 22iap7 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 3 24iap7 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 3 27iap7 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
ideacentre aio 5 24iah7 firmwareNVD
Affected:< o5rkt39aFixed in:o5rkt39aCVE-2022-48181derived from NVD
ideacentre aio 5 27iah7 firmwareNVD
Affected:< o5rkt39aFixed in:o5rkt39aCVE-2022-48181derived from NVD
ideacentre c5-14imb05 firmwareNVD
Affected:< o4hkt3aaFixed in:o4hkt3aaCVE-2022-48181derived from NVD
ideacentre creator 5-14iob6 firmwareNVD
Affected:< m3gkt3aaFixed in:m3gkt3aaCVE-2022-48181derived from NVD
ideacentre g5-14amr05 firmwareNVD
Affected:< o4zkt2aaFixed in:o4zkt2aaCVE-2022-48181derived from NVD
ideacentre g5-14imb05 firmwareNVD
Affected:< o4hkt3aaFixed in:o4hkt3aaCVE-2022-48181derived from NVD
ideacentre gaming 5-14acn6 firmwareNVD
Affected:< o5ekt24aFixed in:o5ekt24aCVE-2022-48181derived from NVD
ideacentre gaming 5-14iob6 firmwareNVD
Affected:< m3gkt3aaFixed in:m3gkt3aaCVE-2022-48181derived from NVD
ideacentre gaming 5 17acn7 firmwareNVD
Affected:< o5ekt24aFixed in:o5ekt24aCVE-2022-48181derived from NVD
ideacentre gaming 5 17iab7 firmwareNVD
Affected:< m42kt42aFixed in:m42kt42aCVE-2022-48181derived from NVD
ideacentre mini 5-01imh05 firmwareNVD
Affected:< o4ekt19aFixed in:o4ekt19aCVE-2022-48181derived from NVD
ideacentre mini 5 01iaq7 firmwareNVD
Affected:< o53kt0eaFixed in:o53kt0eaCVE-2022-48181derived from NVD
legion c530-19icb firmwareNVD
Affected:< o4bkt22aFixed in:o4bkt22aCVE-2022-48181derived from NVD
legion r5-28imb05 firmwareNVD
Affected:< o4nkt1daFixed in:o4nkt1daCVE-2022-48181derived from NVD
legion t5-26amr5 firmwareNVD
Affected:< o4mkt2daFixed in:o4mkt2daCVE-2022-48181derived from NVD
legion t5-26iob6 firmwareNVD
Affected:< o54kt22aFixed in:o54kt22aCVE-2022-48181derived from NVD
legion t5-28icb05 firmwareNVD
Affected:< o4bkt22aFixed in:o4bkt22aCVE-2022-48181derived from NVD
legion t5-28imb05 firmwareNVD
Affected:< o4nkt1daFixed in:o4nkt1daCVE-2022-48181derived from NVD
legion t530-28icb firmwareNVD
Affected:< o4bkt22aFixed in:o4bkt22aCVE-2022-48181derived from NVD
legion t7-34iaz7 firmwareNVD
Affected:< o5hkt2aaFixed in:o5hkt2aaCVE-2022-48181derived from NVD
legion t7-34imz5 firmwareNVD
Affected:< o5fkt15aFixed in:o5fkt15aCVE-2022-48181derived from NVD
lenovo legion t5 26iab7 firmwareNVD
Affected:< o5lkt29aFixed in:o5lkt29aCVE-2022-48181derived from NVD
thinkcentre m600 firmwareNVD
Affected:< m00kt68aFixed in:m00kt68aCVE-2022-48181derived from NVD
thinkcentre m60e tiny firmwareNVD
Affected:< m3skt25aFixed in:m3skt25aCVE-2022-48181derived from NVD
thinkcentre m625q firmwareNVD
Affected:< m1wkt50aFixed in:m1wkt50aCVE-2022-48181derived from NVD
thinkcentre m70c firmwareNVD
Affected:< m2vkt1eaFixed in:m2vkt1eaCVE-2022-48181derived from NVD
thinkcentre m70q firmwareNVD
Affected:< m2wkt59aFixed in:m2wkt59aCVE-2022-48181derived from NVD
thinkcentre m70q gen 2 firmwareNVD
Affected:< m3jkt37aFixed in:m3jkt37aCVE-2022-48181derived from NVD
thinkcentre m70q gen 3 firmwareNVD
Affected:< m43kt1baFixed in:m43kt1baCVE-2022-48181derived from NVD
thinkcentre m70s firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m70s gen 3 firmwareNVD
Affected:< m41kt3daFixed in:m41kt3daCVE-2022-48181derived from NVD
thinkcentre m70t firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m70t gen 3 firmwareNVD
Affected:< m41kt3daFixed in:m41kt3daCVE-2022-48181derived from NVD
thinkcentre m720e firmwareNVD
Affected:< m1zkt40aFixed in:m1zkt40aCVE-2022-48181derived from NVD
thinkcentre m720q firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m720s firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m720t firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m725s firmwareNVD
Affected:< m25kt63aFixed in:m25kt63aCVE-2022-48181derived from NVD
thinkcentre m75n firmwareNVD
Affected:< m33kt27aFixed in:m33kt27aCVE-2022-48181derived from NVD
thinkcentre m75s-1 firmwareNVD
Affected:< m2ckt4faFixed in:m2ckt4faCVE-2022-48181derived from NVD
thinkcentre m75s gen 2 firmwareNVD
Affected:< m3akt4caFixed in:m3akt4caCVE-2022-48181derived from NVD
thinkcentre m75t gen 2 firmwareNVD
Affected:< m3akt4caFixed in:m3akt4caCVE-2022-48181derived from NVD
thinkcentre m80q firmwareNVD
Affected:< m2wkt59aFixed in:m2wkt59aCVE-2022-48181derived from NVD
thinkcentre m80q gen 3 firmwareNVD
Affected:< m4gkt23aFixed in:m4gkt23aCVE-2022-48181derived from NVD
thinkcentre m80s firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m80s gen 3 firmwareNVD
Affected:< m40kt3daFixed in:m40kt3daCVE-2022-48181derived from NVD
thinkcentre m80t firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m80t gen 3 firmwareNVD
Affected:< m40kt3daFixed in:m40kt3daCVE-2022-48181derived from NVD
thinkcentre m90a firmwareNVD
Affected:< m2rkt56aFixed in:m2rkt56aCVE-2022-48181derived from NVD
thinkcentre m90a gen 2 firmwareNVD
Affected:< m3lkt28aFixed in:m3lkt28aCVE-2022-48181derived from NVD
thinkcentre m90a gen 3 firmwareNVD
Affected:< m4ikt19aFixed in:m4ikt19aCVE-2022-48181derived from NVD
thinkcentre m90a pro gen 3 firmwareNVD
Affected:< m4hkt19aFixed in:m4hkt19aCVE-2022-48181derived from NVD
thinkcentre m90q gen 2 firmwareNVD
Affected:< m3jkt37aFixed in:m3jkt37aCVE-2022-48181derived from NVD
thinkcentre m90q gen 3 firmwareNVD
Affected:< m4gkt23aFixed in:m4gkt23aCVE-2022-48181derived from NVD
thinkcentre m90q tiny firmwareNVD
Affected:< m2wkt59aFixed in:m2wkt59aCVE-2022-48181derived from NVD
thinkcentre m90s firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m90s gen 3 firmwareNVD
Affected:< m40kt3daFixed in:m40kt3daCVE-2022-48181derived from NVD
thinkcentre m90t firmwareNVD
Affected:< m2tkt52aFixed in:m2tkt52aCVE-2022-48181derived from NVD
thinkcentre m90t gen 3 firmwareNVD
Affected:< m40kt3daFixed in:m40kt3daCVE-2022-48181derived from NVD
thinkcentre m920q firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m920s firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m920t firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m920x firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkcentre m920z firmwareNVD
Affected:< m1mkt55aFixed in:m1mkt55aCVE-2022-48181derived from NVD
thinkcentre neo 30a 22 gen 3 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
thinkcentre neo 30a 24 gen 3 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
thinkcentre neo 30a 27 gen 3 firmwareNVD
Affected:< o5nkt32aFixed in:o5nkt32aCVE-2022-48181derived from NVD
thinkcentre neo 50s gen 3 firmwareNVD
Affected:< m49kt21aFixed in:m49kt21aCVE-2022-48181derived from NVD
thinkcentre neo 50t gen 3 firmwareNVD
Affected:< m42kt42aFixed in:m42kt42aCVE-2022-48181derived from NVD
thinkcentre neo 70t gen 3 firmwareNVD
Affected:< m40kt3daFixed in:m40kt3daCVE-2022-48181derived from NVD
thinkcentre t540-15ama g firmwareNVD
Affected:< m2ckt4faFixed in:m2ckt4faCVE-2022-48181derived from NVD
thinkstation p320 firmwareNVD
Affected:< s06kt63aFixed in:s06kt63aCVE-2022-48181derived from NVD
thinkstation p330 firmwareNVD
Affected:< m1vkt6faFixed in:m1vkt6faCVE-2022-48181derived from NVD
thinkstation p330 gen 2 firmwareNVD
Affected:< m1vkt6faFixed in:m1vkt6faCVE-2022-48181derived from NVD
thinkstation p330 tiny firmwareNVD
Affected:< m1ukt70aFixed in:m1ukt70aCVE-2022-48181derived from NVD
thinkstation p340 firmwareNVD
Affected:< s08kt53aFixed in:s08kt53aCVE-2022-48181derived from NVD
thinkstation p340 tiny firmwareNVD
Affected:< m2wkt59aFixed in:m2wkt59aCVE-2022-48181derived from NVD
thinkstation p350 firmwareNVD
Affected:< s0akt39aFixed in:s0akt39aCVE-2022-48181derived from NVD
thinkstation p350 tiny firmwareNVD
Affected:< m3jkt37aFixed in:m3jkt37aCVE-2022-48181derived from NVD
thinkstation p360 firmwareNVD
Affected:< s0ekt43aFixed in:s0ekt43aCVE-2022-48181derived from NVD
thinkstation p360 tiny firmwareNVD
Affected:< m4gkt23aFixed in:m4gkt23aCVE-2022-48181derived from NVD
v30a-22itl firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
v30a-24itl firmwareNVD
Affected:< o5akt33Fixed in:o5akt33CVE-2022-48181derived from NVD
v35s-07ada firmwareNVD
Affected:< m4mkt12aFixed in:m4mkt12aCVE-2022-48181derived from NVD
v50s-07imb firmwareNVD
Affected:< m2vkt1eaFixed in:m2vkt1eaCVE-2022-48181derived from NVD
v50t-13imb firmwareNVD
Affected:< o4hkt3aaFixed in:o4hkt3aaCVE-2022-48181derived from NVD
v50t-13iob g2 firmwareNVD
Affected:< m3gkt3aaFixed in:m3gkt3aaCVE-2022-48181derived from NVD
v530s-07icb firmwareNVD
Affected:< m22kt49aFixed in:m22kt49aCVE-2022-48181derived from NVD
v530s-07icr firmwareNVD
Affected:< m1zkt40aFixed in:m1zkt40aCVE-2022-48181derived from NVD
v55t gen 2 13acn firmwareNVD
Affected:< o5jkt23aFixed in:o5jkt23aCVE-2022-48181derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.19%probability of exploitation in 30 days
9thpercentile

Low risk: more likely to be exploited than 9% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-787 (Out-of-bounds Write) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2025-22457Critical9.0100%KEV + RansomFix
CVE-2025-0282Critical9.0100%KEV + Ransom-
CVE-2015-3113Critical9.8100%KEVFix
CVE-2021-20038Critical9.8100%KEV + Ransom-
CVE-2023-4863High8.8100%KEVFix
CVE-2020-16040Medium6.5100%-Fix
Embed a live status badge for CVE-2022-48181
CVE-2022-48181 severity badge

Markdown

[![CVE-2022-48181](https://tridentstack.com/cve/badge/CVE-2022-48181.svg)](https://tridentstack.com/cve/CVE-2022-48181)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-48181"><img src="https://tridentstack.com/cve/badge/CVE-2022-48181.svg" alt="CVE-2022-48181"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.