Vulnerability Description
A memory leakage vulnerability was reported in the 534D0140 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Ideacentre C5-14Imb05 Firmware | < o4hkt3ca |
| Lenovo | Ideacentre C5-14Imb05 | - |
| Lenovo | Ideacentre 3-07Ada05 Firmware | < o4fkt39a |
| Lenovo | Ideacentre 3-07Ada05 | - |
| Lenovo | Ideacentre 3-07Imb05 Firmware | < m2vkt21a |
| Lenovo | Ideacentre 3-07Imb05 | - |
| Lenovo | Ideacentre G5-14Imb05 Firmware | < o4hkt3ca |
| Lenovo | Ideacentre G5-14Imb05 | - |
| Lenovo | Ideacentre 5-14Iob6 Firmware | < m3gkt3da |
| Lenovo | Ideacentre 5-14Iob6 | - |
| Lenovo | Ideacentre Creator 5-14Iob6 Firmware | < m3gkt3da |
| Lenovo | Ideacentre Creator 5-14Iob6 | - |
| Lenovo | Ideacentre G5-14Amr05 Firmware | < o4zkt2ba |
| Lenovo | Ideacentre G5-14Amr05 | - |
| Lenovo | Ideacentre Gaming 5-14Iob6 Firmware | < m3gkt3da |
| Lenovo | Ideacentre Gaming 5-14Iob6 | - |
| Lenovo | Ideacentre Mini 5 01Iaq7 Firmware | < o53kt10a |
| Lenovo | Ideacentre Mini 5 01Iaq7 | - |
| Lenovo | Ideacentre Mini 5-01Imh05 Firmware | < o4ekt1ba |
| Lenovo | Ideacentre Mini 5-01Imh05 | - |
Related Weaknesses (CWE)
References
- https://support.lenovo.com/us/en/product_security/LEN-141775Vendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-141775Vendor Advisory
FAQ
What is CVE-2023-45076?
CVE-2023-45076 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A memory leakage vulnerability was reported in the 534D0140 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.
How severe is CVE-2023-45076?
CVE-2023-45076 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-45076?
Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Ideacentre C5-14Imb05 Firmware, Lenovo Ideacentre C5-14Imb05, Lenovo Ideacentre 3-07Ada05 Firmware, Lenovo Ideacentre 3-07Ada05, Lenovo Ideacentre 3-07Imb05 Firmware.