Friday, August 19, 2022
CybersecFill
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home Article

Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

Henrietta Ijenebe by Henrietta Ijenebe
July 26, 2022
in Article
0
Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

ImageSource: https://researchsnipers.com

Share on FacebookShare on Twitter

A few days ago, consumer electronics maker Lenovo, rolled out fixes to curb three security flaws in its UEFI firmware affecting over 70 product models. “The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features,” Slovak cybersecurity firm ESET said in a series of tweets. Tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, all three bugs relate to buffer overflow vulnerabilities that have been described by Lenovo as leading to privilege escalation on affected systems. Martin Smolár from ESET has been credited with reporting the flaws.

The bugs stem from an insufficient validation of an NVRAM variable called “DataSize” in three different drivers ReadyBootDxe, SystemLoadDefaultDxe, and SystemBootManagerDxe, resulting in a buffer overflow that could be weaponized to achieve code execution. This is the second time Lenovo has moved to address UEFI security vulnerabilities since the start of the year. In April, the company resolved three flaws (CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972) — also discovered by Smolár — that could have been abused to deploy and execute firmware implants. Users of impacted devices are highly recommended to update their firmware to the latest version to mitigate potential threats.

Conclusion

Security updates can never be overemphasised. The best practice remains to update your software and firmware as required.

 

 

Tags: BIOSBuffer overflowFirmwareHijack
Henrietta Ijenebe

Henrietta Ijenebe

Another Breed striving to make our cyber.space a better state of existence. CyberContent Writer at Cybersecfill. Cybersecurity Threat Intelligence Analysis... Penetration Testing... I code in Javascript...Python...PHP I convey with HTML I beautify with CSS

Next Post
Harmful RAT!!!  Australian Hacker Charged for Creating and Selling Spyware…

Harmful RAT!!! Australian Hacker Charged for Creating and Selling Spyware...

0 0 votes
Article Rating
Login
guest
guest
0 Comments
Inline Feedbacks
View all comments
  • Trending
  • Comments
  • Latest
CEH_PRACTICAL

CEH PRACTICAL EXAM – TICKET TO CEH MASTER

February 6, 2021
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

May 17, 2022
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
Inside The Mind Of A Threat Actor!!!

Inside The Mind Of A Threat Actor!!!

19
Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

14
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

9
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Breaking!!! CISCO Confirms it Has Been Hacked…

Breaking!!! CISCO Confirms it Has Been Hacked…

August 18, 2022
Breaking!!! Your Twitter Account May Have Been Hacked…!

Breaking!!! Your Twitter Account May Have Been Hacked…!

August 18, 2022
Harmful RAT!!!  Australian Hacker Charged for Creating and Selling Spyware…

Harmful RAT!!! Australian Hacker Charged for Creating and Selling Spyware…

August 18, 2022
Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

July 26, 2022

Recommended

Breaking!!! CISCO Confirms it Has Been Hacked…

Breaking!!! CISCO Confirms it Has Been Hacked…

August 18, 2022
Breaking!!! Your Twitter Account May Have Been Hacked…!

Breaking!!! Your Twitter Account May Have Been Hacked…!

August 18, 2022
Harmful RAT!!!  Australian Hacker Charged for Creating and Selling Spyware…

Harmful RAT!!! Australian Hacker Charged for Creating and Selling Spyware…

August 18, 2022
Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

Be Alert!!! Lenovo Firmware Vulnerabilities Affect Millions of Laptops.

July 26, 2022

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply

Privacy Policy - Terms and Conditions