CVE-2022-3742
MEDIUMLenovo Ideapad 1 14iau7 Firmware < jkcn34ww - Buffer Overflow
Title source: ruleDescription
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.
References (1)
Core 1
Core References
Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-103710
Scores
CVSS v3
6.7
EPSS
0.0002
EPSS Percentile
6.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-120
Status
published
Products (50)
lenovo/ideapad_1-14ijl7_firmware
< htcn31ww
lenovo/ideapad_1-15ijl7_firmware
< htcn31ww
lenovo/ideapad_1_14iau7_firmware
< jkcn34ww
lenovo/ideapad_1_14igl7_firmware
< kkcn15ww
lenovo/ideapad_1_15iau7_firmware
< jkcn34ww
lenovo/ideapad_1_15igl7_firmware
< kkcn15ww
lenovo/ideapad_3-14igl05_firmware
< dvcn28ww
lenovo/ideapad_3-14iil05_firmware
< emcn56ww
lenovo/ideapad_3-14iml05_firmware
< dxcn44ww
lenovo/ideapad_3-14itl05_firmware
< gccn32ww
... and 40 more
Published
Aug 23, 2023
Tracked Since
Feb 18, 2026