lps.qualys.com
104.17.71.206  Public Scan

URL: https://lps.qualys.com/index.php/email/emailWebview?mkt_tok=Nzk3LUVOSS03NDIAAAGHJU4ZjKKjQlpgE3bh13K0VQP_oqLWb7W57oZx27N...
Submission: On September 29 via manual from IN — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Lenovo disclosed Multi-Vendor BIOS Security Vulnerabilities in September 2022
that affect multiple Lenovo devices. These are high severity vulnerabil - Qualys
Security Blog

By Lavish Jhamb




Remediate Your Vulnerable Lenovo Systems with Qualys Custom Assessment and
Remediation



Posted on September 28, 2022



Lenovo disclosed Multi-Vendor BIOS Security Vulnerabilities in September 2022
that affect multiple Lenovo devices. These are high-severity vulnerabilities
that could result in information disclosure, privilege escalation, and denial
of service. Here are the related CVEs:

 * CVE-2021-28216 – TianoCore reported a fixed pointer vulnerability in
   TianoCore EDK II BIOS that may allow an attacker with local access and
   elevated privileges to execute arbitrary code.
 * CVE-2022-40137 – A buffer overflow in the WMI SMI Handler in some Lenovo
   models may allow an attacker with local access and elevated privileges to
   execute arbitrary code.
 * CVE-2022-40134 – An information leak vulnerability in the SMI Set BIOS
   Password SMI Handler in some Lenovo models may allow an attacker with local
   access and elevated privileges to read SMM memory.
 * CVE-2022-40135 – An information leak vulnerability in the Smart USB
   Protection SMI Handler in some Lenovo models may allow an attacker with local
   access and elevated privileges to read SMM memory.
 * CVE-2022-40136 – An information leak vulnerability in the SMI Handler used to
   configure platform settings over WMI in some Lenovo models may allow an
   attacker with local access and elevated privileges to read SMM memory.

As part of its remediation efforts, Lenovo has fixed these issues with the
latest BIOS updates for impacted devices. Please refer to: Lenovo System Update
for Windows 11, 10 & 7 (32-bit, 64-bit) – Desktop, Notebook, Workstation.

