Vulnerability in Lenovo Notebook WMI Setup Driver Allows Unauthorized Modification of Secure Boot Settings

Vulnerability in Lenovo Notebook WMI Setup Driver Allows Unauthorized Modification of Secure Boot Settings

CVE-2022-3430 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Learn more about our Web Application Penetration Testing UK.