Martin Smolár had found vulnerabilities in the Driver Execution Environment (DXE) driver. This bug could allow attackers to disable the Secure Boot by making modifications to NVRAM variables. Lenovo has responded to the research and published the following advisory details the flaws:
“CVE-2022-3430: A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. CVE-2022-3431: A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. CVE-2022-3432: A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.”
Fix
According to the Chinese PC manufacturer, the vulnerabilities are in Lenovo Notebook BIOS. The company says users can fix the vulnerabilities by updating to the following firmware releases:
“For CVE-2022-3430 and CVE-2022-3431, update system firmware to the version (or newer) indicated for your model in the product Impact section. For CVE-2022-3432, the Ideapad Y700-14ISK has reached end of development support and no fixes will be released. Lenovo recommends customers adopt secure computing practices, including active system lifecycle management.”
Smolár previously found vulnerabilities in UEFI on Lenovo models earlier this year. While these flaws are different, they give the PC company more problems. To see a full list of the notebook models affected and to see which patch to apply, head to Lenovo’s official website here. Tip of the day: Having problems with pop-ups and unwanted programs in Windows? Try the hidden adware blocker of Windows Defender. We show you how to turn it on in just a few steps.
