Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2022-48188

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

  • Published: Jun 5, 2023
  • Updated: Nov 16, 2025
  • CVE: CVE-2022-48188
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.7
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
lenovo / ideacentre_aio_3_21itl7_firmware - o5akt33
lenovo / ideacentre_aio_3-22itl6_firmware - o5akt33
lenovo / ideacentre_aio_3-24itl6_firmware - o5akt33
lenovo / ideacentre_aio_3-27itl6_firmware - o5akt33
lenovo / thinkcentre_m720e_firmware - m1zkt40a
lenovo / thinkcentre_m720q_firmware - m1ukt70a
lenovo / thinkcentre_m720s_firmware - m1ukt70a
lenovo / thinkcentre_m720t_firmware - m1ukt70a
lenovo / thinkcentre_m725s_firmware - m25kt63a
lenovo / thinkcentre_m75s_gen_2_firmware - m46kt30a
lenovo / thinkcentre_m75s_gen_2_firmware - m3bkt30a
lenovo / thinkcentre_m75t_gen_2_firmware - m46kt30a
lenovo / thinkcentre_m75t_gen_2_firmware - m3akt4ca
lenovo / thinkcentre_m920q_firmware - m1ukt70a
lenovo / thinkcentre_m920s_firmware - m1ukt70a
lenovo / thinkcentre_m920t_firmware - m1ukt70a
lenovo / thinkcentre_m920x_firmware - m1ukt70a
lenovo / thinkcentre_m920z_firmware - m1mkt55a
lenovo / ideacentre_510s-07icb_firmware - m22kt48a
lenovo / ideacentre_510s-07icb_firmware - m22kt49a
lenovo / ideacentre_510s-07ick_firmware - m30kt28a
lenovo / ideacentre_510s-07ick_firmware - m1zkt40a
lenovo / ideacentre_720-18apr_firmware - m25kt63a
lenovo / v30a-22itl_firmware - o5akt33
lenovo / v30a-24itl_firmware - o5akt33
lenovo / v530s-07icb_firmware - m22kt49a
lenovo / v530s-07icr_firmware - m1zkt40a
lenovo / thinkstation_p330_tiny_firmware - m1ukt70a
lenovo / thinkstation_p360_ultra_firmware - s0fkt27a
lenovo / thinkstation_p520_firmware - s03kt58a
lenovo / thinkstation_p520c_firmware - s03kt58a