CVE-2023-34419
MEDIUMLenovo Legion 5 Pro 16iah7h Firmware < j2cn51ww - Buffer Overflow
Title source: ruleDescription
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.
References (1)
Core 1
Core References
Vendor Advisory
https://support.lenovo.com/us/en/product_security/LEN-134879
Scores
CVSS v3
6.7
EPSS
0.0004
EPSS Percentile
10.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (30)
lenovo/legion_5-15ach6_firmware
lenovo/legion_5-15ach6a_firmware
lenovo/legion_5-15ach6h_firmware
lenovo/legion_5-15ith6_firmware
lenovo/legion_5-15ith6h_firmware
lenovo/legion_5-17ach6_firmware
lenovo/legion_5-17ach6h_firmware
lenovo/legion_5-17ith6_firmware
lenovo/legion_5-17ith6h_firmware
lenovo/legion_5_15arh7_firmware
... and 20 more
Published
Aug 17, 2023
Tracked Since
Feb 18, 2026