CVE-2022-4433

Description

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.

CVSS Version 3.1

nvd
CVE ID: CVE-2022-4433
Base Score: 4.4
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 0.8

lenovo
CVE ID: CVE-2022-4433
Base Score: 6.7
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 0.8

Refrence: NVD MITRE

Description​

Description