CVE & CISA-KEV Catalog

CVE-2023-43573

MEDIUM
6.7
CVSS v3
NVD

Description

A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

How to fix

Remediation Available
ideacentre 3-07ada05 firmwareNVD
Affected:< o4fkt39aFixed in:o4fkt39aCVE-2023-43573derived from NVD
ideacentre 3-07imb05 firmwareNVD
Affected:< m2vkt21aFixed in:m2vkt21aCVE-2023-43573derived from NVD
ideacentre 5-14imb05 firmwareNVD
Affected:< o4hkt3caFixed in:o4hkt3caCVE-2023-43573derived from NVD
ideacentre 5-14iob6 firmwareNVD
Affected:< m3gkt3daFixed in:m3gkt3daCVE-2023-43573derived from NVD
ideacentre 5 14iab7 firmwareNVD
Affected:< m42kt46aFixed in:m42kt46aCVE-2023-43573derived from NVD
ideacentre 5 14irb8 firmwareNVD
Affected:< m4ukt36aFixed in:m4ukt36aCVE-2023-43573derived from NVD
ideacentre aio 3-22iil5 firmwareNVD
Affected:< o56kt24aFixed in:o56kt24aCVE-2023-43573derived from NVD
ideacentre aio 3-22imb05 firmwareNVD
Affected:< o4rkt31aFixed in:o4rkt31aCVE-2023-43573derived from NVD
ideacentre aio 3-22itl6 firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
ideacentre aio 3-24alc6 firmwareNVD
Affected:< o5bkt25aFixed in:o5bkt25aCVE-2023-43573derived from NVD
ideacentre aio 3-24iil5 firmwareNVD
Affected:< o56kt24aFixed in:o56kt24aCVE-2023-43573derived from NVD
ideacentre aio 3-24imb05 firmwareNVD
Affected:< o4rkt31aFixed in:o4rkt31aCVE-2023-43573derived from NVD
ideacentre aio 3-24itl6 firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
ideacentre aio 3-27imb05 firmwareNVD
Affected:< o4rkt31aFixed in:o4rkt31aCVE-2023-43573derived from NVD
ideacentre aio 3-27itl6 firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
ideacentre aio 3 21itl7 firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
ideacentre aio 3 22iap7 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
ideacentre aio 3 24iap7 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
ideacentre aio 3 27iap7 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
ideacentre aio 5 24iah7 firmwareNVD
Affected:< o5rkt41aFixed in:o5rkt41aCVE-2023-43573derived from NVD
ideacentre aio 5 27iah7 firmwareNVD
Affected:< o5rkt41aFixed in:o5rkt41aCVE-2023-43573derived from NVD
ideacentre c5-14imb05 firmwareNVD
Affected:< o4hkt3caFixed in:o4hkt3caCVE-2023-43573derived from NVD
ideacentre creator 5-14iob6 firmwareNVD
Affected:< m3gkt3daFixed in:m3gkt3daCVE-2023-43573derived from NVD
ideacentre g5-14amr05 firmwareNVD
Affected:< o4zkt2baFixed in:o4zkt2baCVE-2023-43573derived from NVD
ideacentre g5-14imb05 firmwareNVD
Affected:< o4hkt3caFixed in:o4hkt3caCVE-2023-43573derived from NVD
ideacentre gaming 5-14iob6 firmwareNVD
Affected:< m3gkt3daFixed in:m3gkt3daCVE-2023-43573derived from NVD
ideacentre gaming 5 17iab7 firmwareNVD
Affected:< m42kt46aFixed in:m42kt46aCVE-2023-43573derived from NVD
ideacentre mini 5 01iaq7 firmwareNVD
Affected:< o53kt10aFixed in:o53kt10aCVE-2023-43573derived from NVD
legion t5 26iab7 firmwareNVD
Affected:< o5lkt2baFixed in:o5lkt2baCVE-2023-43573derived from NVD
legion t5 26irb8 firmwareNVD
Affected:< o5tkt1caFixed in:o5tkt1caCVE-2023-43573derived from NVD
legion t7-34iaz7 firmwareNVD
Affected:< o5hkt2caFixed in:o5hkt2caCVE-2023-43573derived from NVD
legion t7-34imz5 firmwareNVD
Affected:< o5fkt17aFixed in:o5fkt17aCVE-2023-43573derived from NVD
legion t7 34irz8 firmwareNVD
Affected:< o5ukt1faFixed in:o5ukt1faCVE-2023-43573derived from NVD
loq 17irb8 firmwareNVD
Affected:< m4ukt36aFixed in:m4ukt36aCVE-2023-43573derived from NVD
thinkcentre m630e firmwareNVD
Affected:< m28kt42aFixed in:m28kt42aCVE-2023-43573derived from NVD
thinkcentre m70c firmwareNVD
Affected:< m2vkt21aFixed in:m2vkt21aCVE-2023-43573derived from NVD
thinkcentre m70s firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m70s gen 3 firmwareNVD
Affected:< m41kt45aFixed in:m41kt45aCVE-2023-43573derived from NVD
thinkcentre m70t firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m70t gen 3 firmwareNVD
Affected:< m41kt45aFixed in:m41kt45aCVE-2023-43573derived from NVD
thinkcentre m75n firmwareNVD
Affected:< m33kt29aFixed in:m33kt29aCVE-2023-43573derived from NVD
thinkcentre m80s firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m80s gen 3 firmwareNVD
Affected:< m40kt45aFixed in:m40kt45aCVE-2023-43573derived from NVD
thinkcentre m80t firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m80t gen 3 firmwareNVD
Affected:< m40kt45aFixed in:m40kt45aCVE-2023-43573derived from NVD
thinkcentre m90a firmwareNVD
Affected:< m2rkt57aFixed in:m2rkt57aCVE-2023-43573derived from NVD
thinkcentre m90a gen 2 firmwareNVD
Affected:< m3lkt2aaFixed in:m3lkt2aaCVE-2023-43573derived from NVD
thinkcentre m90a gen 3 firmwareNVD
Affected:< m4ikt1daFixed in:m4ikt1daCVE-2023-43573derived from NVD
thinkcentre m90a pro gen 3 firmwareNVD
Affected:< m4hkt1daFixed in:m4hkt1daCVE-2023-43573derived from NVD
thinkcentre m90s firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m90s gen 3 firmwareNVD
Affected:< m40kt45aFixed in:m40kt45aCVE-2023-43573derived from NVD
thinkcentre m90t firmwareNVD
Affected:< m2tkt55aFixed in:m2tkt55aCVE-2023-43573derived from NVD
thinkcentre m90t gen 3 firmwareNVD
Affected:< m40kt45aFixed in:m40kt45aCVE-2023-43573derived from NVD
thinkcentre m920z all-in-one firmwareNVD
Affected:< m1mkt56aFixed in:m1mkt56aCVE-2023-43573derived from NVD
thinkcentre neo 30a 22 gen 3 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 30a 22 gen 4 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 30a 24 gen 3 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 30a 24 gen 4 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 30a 27 gen 3 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 30a 27 gen 4 firmwareNVD
Affected:< o5nkt33aFixed in:o5nkt33aCVE-2023-43573derived from NVD
thinkcentre neo 50a 24 gen 3 firmwareNVD
Affected:< o5rkt41aFixed in:o5rkt41aCVE-2023-43573derived from NVD
thinkcentre neo 50a 24 gen 4 firmwareNVD
Affected:< o5xkt18aFixed in:o5xkt18aCVE-2023-43573derived from NVD
thinkcentre neo 50t gen 3 firmwareNVD
Affected:< m42kt46aFixed in:m42kt46aCVE-2023-43573derived from NVD
thinkcentre neo 70t gen 3 firmwareNVD
Affected:< m40kt45aFixed in:m40kt45aCVE-2023-43573derived from NVD
thinkstation p330 workstation 2nd gen firmwareNVD
Affected:< m1vkt73aFixed in:m1vkt73aCVE-2023-43573derived from NVD
thinkstation p330 workstation firmwareNVD
Affected:< m1vkt73aFixed in:m1vkt73aCVE-2023-43573derived from NVD
thinkstation p340 workstation firmwareNVD
Affected:< s08kt55aFixed in:s08kt55aCVE-2023-43573derived from NVD
thinkstation p358 workstation firmwareNVD
Affected:< s0hkt23aFixed in:s0hkt23aCVE-2023-43573derived from NVD
thinkstation p360 workstation firmwareNVD
Affected:< s0ekt45aFixed in:s0ekt45aCVE-2023-43573derived from NVD
v30a-22iml firmwareNVD
Affected:< m37kt31aFixed in:m37kt31aCVE-2023-43573derived from NVD
v30a-22itl firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
v30a-24iml firmwareNVD
Affected:< m37kt31aFixed in:m37kt31aCVE-2023-43573derived from NVD
v30a-24itl firmwareNVD
Affected:< o5akt34aFixed in:o5akt34aCVE-2023-43573derived from NVD
v50a-22imb firmwareNVD
Affected:< m36kt32aFixed in:m36kt32aCVE-2023-43573derived from NVD
v50a-24imb firmwareNVD
Affected:< m36kt32aFixed in:m36kt32aCVE-2023-43573derived from NVD
v50s-07imb firmwareNVD
Affected:< m2vkt21aFixed in:m2vkt21aCVE-2023-43573derived from NVD
v50t-13imb firmwareNVD
Affected:< o4hkt3caFixed in:o4hkt3caCVE-2023-43573derived from NVD
v50t-13imh firmwareNVD
Affected:< m4pkt16aFixed in:m4pkt16aCVE-2023-43573derived from NVD
v50t-13iob firmwareNVD
Affected:< m3gkt3daFixed in:m3gkt3daCVE-2023-43573derived from NVD
v55t gen 2 13acn firmwareNVD
Affected:< o5jkt2caFixed in:o5jkt2caCVE-2023-43573derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.23%probability of exploitation in 30 days
14thpercentile

Low risk: more likely to be exploited than 14% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-120 (Classic Buffer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2014-0195Medium6.8100%-Fix
CVE-2017-7269Critical9.8100%KEV-
CVE-2019-11043High8.799%KEV + RansomFix
CVE-2011-4862High10.095%-Fix
CVE-2007-5659High7.894%KEVFix
CVE-2022-3786High7.591%-Fix
Embed a live status badge for CVE-2023-43573
CVE-2023-43573 severity badge

Markdown

[![CVE-2023-43573](https://tridentstack.com/cve/badge/CVE-2023-43573.svg)](https://tridentstack.com/cve/CVE-2023-43573)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-43573"><img src="https://tridentstack.com/cve/badge/CVE-2023-43573.svg" alt="CVE-2023-43573"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.