BIOS Tamper Detection Issue in Lenovo ThinkPad T14s Gen 3 and X13 Gen 3
CVE-2022-3728

6.1MEDIUM

Key Information:

Vendor: Lenovo
Status: Thinkpad T14s Gen 3 BiOS; Thinkpad X13 Gen3 BiOS
Vendor: CVE Published:; 9 October 2023

Summary

A vulnerability exists in Lenovo’s ThinkPad T14s Gen 3 and X13 Gen 3 models, where the BIOS tamper detection feature may fail to activate under certain conditions. This lapse could potentially allow unauthorized access, posing a significant security risk. Users of these devices should ensure their BIOS is updated to the latest version to mitigate this issue. For further details and guidance, refer to Lenovo's official security support page.

Affected Version(s)

ThinkPad T14s Gen 3 BIOS

ThinkPad X13 Gen3 BIOS

References

https://support.lenovo.com/us/en/product_security/LEN-106014

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 9, 2023
Vulnerability Reserved
Oct 27, 2022

Credit

Lenovo thanks Zoltan Harmath for reporting this vulnerability.