ThinkPad BIOS Vulnerability: Bypassing Secure Boot via Improper Write Protection of UEFI Variables

ThinkPad BIOS Vulnerability: Bypassing Secure Boot via Improper Write Protection of UEFI Variables

CVE-2022-4575 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot.

Learn more about our Cis Benchmark Audit For Apple Ios.