Common Weakness Enumeration
CWE-787
Allowed-with-ReviewOut-of-bounds Write
Abstraction: Base · Status: Draft
The product writes data past the end, or before the beginning, of the intended buffer.
15109 vulnerabilities reference this CWE, most recent first.
CVE-2025-10920 (GCVE-0-2025-10920)
Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2026-02-26 16:57
VLAI
EPSS
VEX
Title
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Summary
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://gitlab.gnome.org/GNOME/gimp/-/merge_reque… | vendor-advisory |
Date Public
2025-09-24 18:19
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T03:56:06.341189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:00.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GIMP",
"vendor": "GIMP",
"versions": [
{
"status": "affected",
"version": "3.0.4"
}
]
}
],
"dateAssigned": "2025-09-24T15:53:33.847Z",
"datePublic": "2025-09-24T18:19:03.590Z",
"descriptions": [
{
"lang": "en",
"value": "GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T19:29:35.471Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-909",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-909/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2443"
}
],
"source": {
"lang": "en",
"value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
},
"title": "GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-10920",
"datePublished": "2025-10-29T19:29:35.471Z",
"dateReserved": "2025-09-24T15:53:33.759Z",
"dateUpdated": "2026-02-26T16:57:00.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10900 (GCVE-0-2025-10900)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:45 – Updated: 2026-05-07 19:40
VLAI
EPSS
VEX
Title
MODEL File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:23.119502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:40:50.876Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MODEL File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10900",
"datePublished": "2025-12-15T23:45:26.861Z",
"dateReserved": "2025-09-23T21:58:04.173Z",
"dateUpdated": "2026-05-07T19:40:50.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10899 (GCVE-0-2025-10899)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:45 – Updated: 2026-05-07 19:40
VLAI
EPSS
VEX
Title
MODEL File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:24.893624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:35.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:40:25.329Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MODEL File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10899",
"datePublished": "2025-12-15T23:45:00.819Z",
"dateReserved": "2025-09-23T21:58:02.191Z",
"dateUpdated": "2026-05-07T19:40:25.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10898 (GCVE-0-2025-10898)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:44 – Updated: 2026-05-07 19:39
VLAI
EPSS
VEX
Title
MODEL File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10898",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:26.594115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:35.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:39:53.637Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MODEL File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10898",
"datePublished": "2025-12-15T23:44:26.564Z",
"dateReserved": "2025-09-23T21:58:00.616Z",
"dateUpdated": "2026-05-07T19:39:53.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10888 (GCVE-0-2025-10888)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:43 – Updated: 2026-05-07 19:39
VLAI
EPSS
VEX
Title
MODEL File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:30.267396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:36.209Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:39:03.711Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "MODEL File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10888",
"datePublished": "2025-12-15T23:43:22.374Z",
"dateReserved": "2025-09-23T15:29:54.154Z",
"dateUpdated": "2026-05-07T19:39:03.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10884 (GCVE-0-2025-10884)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:41 – Updated: 2026-05-07 19:37
VLAI
EPSS
VEX
Title
CATPART File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:36.076858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:37.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:37:32.087Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CATPART File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10884",
"datePublished": "2025-12-15T23:41:34.185Z",
"dateReserved": "2025-09-23T15:29:51.807Z",
"dateUpdated": "2026-05-07T19:37:32.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10882 (GCVE-0-2025-10882)
Vulnerability from cvelistv5 – Published: 2025-12-15 23:40 – Updated: 2026-05-07 19:36
VLAI
EPSS
VEX
Title
X_T File Parsing Out-of-Bounds Write Vulnerability
Summary
AA maliciously crafted X_T file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-Bounds Write
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.autodesk.com/products/autodesk-access… | patch |
| https://www.autodesk.com/trust/security-advisorie… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | Shared Components |
Affected:
1.8.0.7 , < 1.9.0.7
(custom)
cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T04:55:39.499357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:37.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:shared_components:1.8.0.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Shared Components",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "1.9.0.7",
"status": "affected",
"version": "1.8.0.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AA maliciously crafted X_T file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "AA maliciously crafted X_T file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:36:13.740Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.autodesk.com/products/autodesk-access/overview"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "X_T File Parsing Out-of-Bounds Write Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2025-10882",
"datePublished": "2025-12-15T23:40:24.134Z",
"dateReserved": "2025-09-23T15:29:50.560Z",
"dateUpdated": "2026-05-07T19:36:13.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10451 (GCVE-0-2025-10451)
Vulnerability from cvelistv5 – Published: 2025-12-12 00:28 – Updated: 2025-12-12 18:45
VLAI
EPSS
VEX
Title
H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)
Summary
Unchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Insyde Software | InsydeH2O |
Affected:
HP feature version before 20C1
|
Date Public
2025-12-09 00:23
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T18:44:42.715064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T18:45:44.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "InsydeH2O",
"vendor": "Insyde Software",
"versions": [
{
"status": "affected",
"version": "HP feature version before 20C1"
}
]
}
],
"datePublic": "2025-12-09T00:23:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption.\u003c/span\u003e"
}
],
"value": "Unchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T00:30:25.404Z",
"orgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"shortName": "Insyde"
},
"references": [
{
"url": "https://www.insyde.com/security-pledge/sa-2025009/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8338d8cb-57f7-4252-abc0-96fd13e98d21",
"assignerShortName": "Insyde",
"cveId": "CVE-2025-10451",
"datePublished": "2025-12-12T00:28:52.829Z",
"dateReserved": "2025-09-15T01:13:10.842Z",
"dateUpdated": "2025-12-12T18:45:44.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10238 (GCVE-0-2025-10238)
Vulnerability from cvelistv5 – Published: 2026-06-10 14:11 – Updated: 2026-06-11 03:55
VLAI
EPSS
VEX
Summary
During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode (SMM).
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.lenovo.com/us/en/product_security… | vendor-advisory |
Impacted products
108 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10238",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T03:55:27.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Carbon 13th Gen (Type 21NX, 21NY) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16v Gen 3 (Type 21RS, 21RT) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "BIOS: 1.13 / ECFW: 1.09",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L16 Gen 1 (Type 21L7 21L8) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 6 (Type 21TB, 21TC) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 6 (Type 21QT, 21QU) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "UEFI BIOS V1.22/ECP V1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 Gen 6 (Type 21RB, 21RC) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 6 (Type 21SE, 21SF) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E16 Gen 3 (Type 22AY, 22B0) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.38",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L16 Gen 2 (Type 21SC, 21SD) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Gen 6 (Type 21RM, 21RN) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.62/1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 6 (Type 21R1, 21R2) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 2-in-1 Gen 9 (Type 21KE, 21KF) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.45",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Fold 16 Gen 1 (Type 21ES, 21ET) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.25",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Z16 Gen 2 (Type 21JX, 21JY) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16v Gen 1 (Type 21FE, 21FF) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.65/1.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Gen 4 (Type 21J3, 21J4) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 4 (Type 21F8, 21F9) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 4 (Type 21K5, 21K6) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.47",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P1 Gen 6 (Type 21FV, 21FW) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.38",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16v Gen 1 (Type 21FC, 21FD) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "BIOS: 1.40 / ECFW: 1.09",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16 Gen 2 (Type 21FA, 21FB) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "BIOS: 1.61 / ECFW: 1.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Yoga Gen 4 (Type 21F2, 21F3) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.22",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16s Gen 2 (Type 21HK, 21HL) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.51",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E14 Gen 5 (Type 21JR, 21JS) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 4 (Type 21F6, 21F7) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.23",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ThinkPad R14 Gen 5 Type 21JM PRC BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.41",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 4 (Type 21H1, 21H2) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 Gen 4 (Type 21FG, 21FH) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Nano Gen 3 (Type 21K1, 21K2) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S2 Yoga Gen 8 (Types 21FU) China Only Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L15 Gen 4 (Type 21H7, 21H8) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.27",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Yoga 8th Gen (Type 21HQ, 21HR) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 6 (Type 21M1, 21M2) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.62/1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P15v Gen 3 (Type 21EN 21EM) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "1.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16 Gen 1 (Type 21D6, 21D7) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.69",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 2-in-1 Gen 10 (Type 21NU, 21NV) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.39",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X9-15 Gen 1 (Type 21Q6, 21Q7) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X9-14 Gen 1 (Type 21QA, 21QB) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 5 (Type 21LS, 21LT) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 5 (Type 21L1, 21L2) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E14 Gen 6 (Type 21M3, 21M4) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.27",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E16 Gen 3 (Type 21SR, 21SS) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14 Gen 3 (Type 21AH, 21AJ) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.45/1.25",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T15p Gen 3 (Type 21DA 21DB) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.67",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P1 Gen 5 (Type 21DC 21DD) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 3 (Type 21CQ 21CR) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.51",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 3 (Type 21J5, 21J6) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.63",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Z16 Gen 1 (Type 21D4, 21D5) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.76",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 3 (Type 21BR 21BS) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.48",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 3 (type 21C1, 21C2) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Yoga Gen 3 (Type 21AW 21AX) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.25",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 Yoga Gen 3 (Type 21B5, 21B6) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.31",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E14 Gen 4 (type 21E3, 21E4) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Nano Gen 2 (Type 21E8 21E9) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E15 Gen 4 (type 21ED 21EE) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.27",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ThinkPad S2 Gen 7 Type 21BD BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Yoga 7th Gen (Type 21CD, 21CE) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.52",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 3 (type 21C5, 21C6) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ThinkPad S2 Yoga Gen 6 Type 20VN China Only BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.38/1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Yoga 6th Gen (Type 20XY, 20Y0) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.75",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E15 Gen 3 (Type 20YG, 20YH, 20YJ, 20YK) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Yoga Gen 2 (Type 20W8, 20W9) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.51",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Gen 2 (Type 20WK, 20WL) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.64",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 2 (type 20X5, 20X6) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T15g Gen 1 (type 20UR 20US) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.97",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Gen 2 (Type 20XH, 20XJ) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T15p Gen 2 (Type 21A7, 21A8) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.83",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 2 (type 21A0, 21A1) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ThinkPad S2 Yoga Gen 6 Type 21AG China Only BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "1.38",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Extreme 4th Gen (Type 20Y5, 20Y6) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P17 Gen 2 (type 20YU, 20YV) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.97",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Titanium (Type 20QA, 20QB) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Nano Gen 1 (Type 20UN 20UQ) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.68",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X12 Detachable Gen 1 (Type 20UW, 20UV) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThanOrEqual": "1.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E16 Gen 2 (Type 21MA, 21MB) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Gen 5 (Type 21LU, 21LV) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 2 Type 20X1 20X2 Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.73",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E16 Gen 3 (Type 21ST, 21SU) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T16 Gen 4 (Type 21QE, 21QF) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T16 Gen 4 (Type 22AW, 22AX) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.08",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T15 Gen 2 (Type 20W4, 20W5) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.69/1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Fold Gen 1 (Type 20RK, 20RL) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Extreme 3rd Gen (Type 20TK, 20TL) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s (Type 20T0, 20T1) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T15 (type 20S6, 20S7) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X13 Yoga Gen 1 (Type 20SX, 20SY) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Yoga 5th Gen (Type 20UB, 20UC) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.41",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X390 Yoga (Type 20NN, 20NQ) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Yoga 4th Gen (Type 20SA, 20SB) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.66/1.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X390 (Type 20SC, 20SD) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.87/1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P73 (type 20QR, 20QS) Laptop (Thinkpad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "2.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T490 (Type 20N2, 20N3) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.85/1.26",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X1 Extreme 2nd Gen (Type 20QV, 20QW) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.55",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L390 (type 20NR, 20NS) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.53",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 (type 20R3, 20R4) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.45",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 Gen 5 (Type 21LB, 21LC) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E14 Gen 7 (Type 21T9, 21TA) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 6 (Type 21QL, 21QM) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L13 2-in-1 Gen 6 (Type 21R7, 21R8) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "L14 Gen 6 (Type 21S6, 21S7) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.06",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14s Gen 6 (Type 21QX, 21QY) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P1 Gen 7 (Type 21KV, 21KW) Laptop (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P14s Gen 5 (Type 21G2, 21G3) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.26",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T14 Gen 5 (Type 21MC, 21MD) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X12 Detachable Gen 2 (Type 21LK, 21LL) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T16 Gen 3 (Type 21MN, 21MQ) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P16v Gen 2 (Type 21KX, 21KY) Laptops (ThinkPad) BIOS",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_6_type_21rk_21rl_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_carbon_13th_gen_type_21nx_21ny_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16v_gen_3_type_21rs_21rt_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "bios_1.13_ecfw_1.09",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l16_gen_1_type_21l7_21l8_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.40",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_6_type_21tb_21tc_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_6_type_21qt_21qu_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "uefi_bios_v1.22_ecp_v1.13",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_gen_6_type_21rb_21rc_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_6_type_21se_21sf_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e16_gen_3_type_22ay_22b0_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l16_gen_2_type_21sc_21sd_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.13",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_6_type_21rm_21rn_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.62_1.12",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_6_type_21r1_21r2_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_2-in-1_gen_9_type_21ke_21kf_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.45",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_fold_16_gen_1_type_21es_21et_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.25",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:z16_gen_2_type_21jx_21jy_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16v_gen_1_type_21fe_21ff_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.65_1.13",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_4_type_21j3_21j4_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_4_type_21f8_21f9_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_4_type_21k5_21k6_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.47",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p1_gen_6_type_21fv_21fw_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16v_gen_1_type_21fc_21fd_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "bios_1.40_ecfw_1.09",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16_gen_2_type_21fa_21fb_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "bios_1.61_ecfw_1.57",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_yoga_gen_4_type_21f2_21f3_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.22",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16s_gen_2_type_21hk_21hl_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.51",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e14_gen_5_type_21jr_21js_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.29",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_4_type_21f6_21f7_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_r14_gen_5_type_21jm_prc_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.41",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_4_type_21h1_21h2_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_gen_4_type_21fg_21fh_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.24",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_nano_gen_3_type_21k1_21k2_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s2_yoga_gen_8_types_21fu_china_only_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l15_gen_4_type_21h7_21h8_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.27",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_yoga_8th_gen_type_21hq_21hr_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_6_type_21m1_21m2_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.62_1.12",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p15v_gen_3_type_21en_21em_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.28",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16_gen_1_type_21d6_21d7_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.69",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_2-in-1_gen_10_type_21nu_21nv_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.39",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x9-15_gen_1_type_21q6_21q7_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.17",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x9-14_gen_1_type_21qa_21qb_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_5_type_21ls_21lt_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_5_type_21l1_21l2_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.24",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e14_gen_6_type_21m3_21m4_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.27",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e16_gen_3_type_21sr_21ss_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14_gen_3_type_21ah_21aj_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.45_1.25",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t15p_gen_3_type_21da_21db_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.67",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p1_gen_5_type_21dc_21dd_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.29",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_3_type_21cq_21cr_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.51",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_3_type_21j5_21j6_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.63",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:z16_gen_1_type_21d4_21d5_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.76",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_3_type_21br_21bs_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.48",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_3_type_21c1_21c2_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.44",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_yoga_gen_3_type_21aw_21ax_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.25",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_yoga_gen_3_type_21b5_21b6_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.31",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e14_gen_4_type_21e3_21e4_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_nano_gen_2_type_21e8_21e9_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.32",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e15_gen_4_type_21ed_21ee_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.27",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_7_type_21bd_bios:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_yoga_7th_gen_type_21cd_21ce_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.52",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_3_type_21c5_21c6_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6_type_20vn_china_only_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38_1.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_yoga_6th_gen_type_20xy_20y0_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.75",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e15_gen_3_type_20yg_20yh_20yj_20yk_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.24",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_yoga_gen_2_type_20w8_20w9_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.51",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_2_type_20wk_20wl_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.64",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_2_type_20x5_20x6_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t15g_gen_1_type_20ur_20us_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.97",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_2_type_20xh_20xj_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.36",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t15p_gen_2_type_21a7_21a8_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.83",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_2_type_21a0_21a1_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.33",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6_type_21ag_china_only_bios:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.38",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_extreme_4th_gen_type_20y5_20y6_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.33",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p17_gen_2_type_20yu_20yv_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.97",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_titanium_type_20qa_20qb_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_nano_gen_1_type_20un_20uq_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.68",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x12_detachable_gen_1_type_20uw_20uv_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.40",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e16_gen_2_type_21ma_21mb_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_gen_5_type_21lu_21lv_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.17",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_2_type_20x1_20x2_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.73",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e16_gen_3_type_21st_21su_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t16_gen_4_type_21qe_21qf_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t16_gen_4_type_22aw_22ax_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.08",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t15_gen_2_type_20w4_20w5_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.69_1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_fold_gen_1_type_20rk_20rl_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_extreme_3rd_gen_type_20tk_20tl_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_type_20t0_20t1_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t15_type_20s6_20s7_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x13_yoga_gen_1_type_20sx_20sy_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.57",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_yoga_5th_gen_type_20ub_20uc_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.41",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x390_yoga_type_20nn_20nq_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.05",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_yoga_4th_gen_type_20sa_20sb_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.66_1.55",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x390_type_20sc_20sd_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.87_1.32",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p73_type_20qr_20qs_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.01",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t490_type_20n2_20n3_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.85_1.26",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x1_extreme_2nd_gen_type_20qv_20qw_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.55",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l390_type_20nr_20ns_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.53",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_type_20r3_20r4_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.45",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_gen_5_type_21lb_21lc_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:e14_gen_7_type_21t9_21ta_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.11",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_6_type_21ql_21qm_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.17",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l13_2-in-1_gen_6_type_21r7_21r8_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:l14_gen_6_type_21s6_21s7_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.06",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14s_gen_6_type_21qx_21qy_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.14",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p1_gen_7_type_21kv_21kw_laptop_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.17",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p14s_gen_5_type_21g2_21g3_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.26",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t14_gen_5_type_21mc_21md_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:x12_detachable_gen_2_type_21lk_21ll_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.21",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:t16_gen_3_type_21mn_21mq_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:p16v_gen_2_type_21kx_21ky_laptops_thinkpad_bios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During an internal security assessment, a\u0026nbsp;potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode (SMM).\u0026nbsp;"
}
],
"value": "During an internal security assessment, a\u00a0potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode (SMM)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T14:11:21.336Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-218282"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the version (or newer) as recommended in the advisory:\u0026nbsp;https://support.lenovo.com/us/en/product_security/LEN-218282"
}
],
"value": "Update to the version (or newer) as recommended in the advisory:\u00a0https://support.lenovo.com/us/en/product_security/LEN-218282"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.0-beta"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-10238",
"datePublished": "2026-06-10T14:11:21.336Z",
"dateReserved": "2025-09-10T15:30:05.055Z",
"dateUpdated": "2026-06-11T03:55:27.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9903 (GCVE-0-2025-9903)
Vulnerability from cvelistv5 – Published: 2025-09-29 00:44 – Updated: 2026-03-15 23:37
VLAI
EPSS
VEX
Summary
Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://psirt.canon/advisory-information/cp2025-005/ | vendor-advisory |
| https://canon.jp/support/support-info/250925vulne… | vendor-advisory |
| https://www.usa.canon.com/about-us/to-our-custome… | vendor-advisory |
| https://www.canon-europe.com/support/product-security/ | vendor-advisory |
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| Canon Inc. | Generic Plus PCL6 Printer Driver |
Affected:
3.30 and earlier
|
|
| Canon Inc. | Generic Plus UFR II Printer Driver |
Affected:
3.30 and earlier
|
|
| Canon Inc. | Generic Plus LIPS4 Printer Driver |
Affected:
3.30 and earlier
|
|
| Canon Inc. | Generic Plus LIPSLX Printer Driver |
Affected:
3.30 and earlier
|
|
| Canon Inc. | Generic Plus PS Printer Driver |
Affected:
3.30 and earlier
|
|
| Canon Inc. | UFRII LT Printer Driver |
Affected:
31.05 and earlier
|
|
| Canon Inc. | CARPS2 Printer Driver |
Affected:
31.05 and earlier
|
|
| Canon Inc. | Generic FAX Driver |
Affected:
10.67 and earlier
|
|
| Canon Inc. | LIPS4 Printer Driver |
Affected:
15.00 and earlier
|
|
| Canon Inc. | LIPSLX Printer Driver |
Affected:
15.00 and earlier
|
|
| Canon Inc. | UFR II Printer Driver |
Affected:
15.00 and earlier
|
|
| Canon Inc. | PS Printer Driver |
Affected:
15.00 and earlier
|
|
| Canon Inc. | PCL6 Printer Driver |
Affected:
15.00 and earlier
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T11:55:46.509263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T11:56:21.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Generic Plus PCL6 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.30 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Generic Plus UFR II Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.30 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Generic Plus LIPS4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.30 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Generic Plus LIPSLX Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.30 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Generic Plus PS Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.30 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UFRII LT Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "31.05 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CARPS2 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "31.05 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Generic FAX Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "10.67 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "LIPS4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "15.00 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "LIPSLX Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "15.00 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UFR II Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "15.00 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PS Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "15.00 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PCL6 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "15.00 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver"
}
],
"value": "Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:37:40.864Z",
"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"shortName": "Canon"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.canon/advisory-information/cp2025-005/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://canon.jp/support/support-info/250925vulnerability-response"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.usa.canon.com/about-us/to-our-customers/cp2025-005-vulnerabilities-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-laser-printers"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.canon-europe.com/support/product-security/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"assignerShortName": "Canon",
"cveId": "CVE-2025-9903",
"datePublished": "2025-09-29T00:44:55.506Z",
"dateReserved": "2025-09-03T07:03:46.601Z",
"dateUpdated": "2026-03-15T23:37:40.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-3
Requirements
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, many languages that perform their own memory management, such as Java and Perl, are not subject to buffer overflows. Other languages, such as Ada and C#, typically provide overflow protection, but the protection can be disabled by the programmer.
- Be wary that a language's interface to native code may still be subject to overflows, even if the language itself is theoretically safe.
Mitigation MIT-4.1
Architecture and Design
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- Examples include the Safe C String Library (SafeStr) by Messier and Viega [REF-57], and the Strsafe.h library from Microsoft [REF-56]. These libraries provide safer versions of overflow-prone string-handling functions.
Mitigation MIT-10
Operation
Build and Compilation
Strategy: Environment Hardening
- Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
- D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation MIT-9
Implementation
- Consider adhering to the following rules when allocating and managing an application's memory:
- Double check that the buffer is as large as specified.
- When using functions that accept a number of bytes to copy, such as strncpy(), be aware that if the destination buffer size is equal to the source buffer size, it may not NULL-terminate the string.
- Check buffer boundaries if accessing the buffer in a loop and make sure there is no danger of writing past the allocated space.
- If necessary, truncate all input strings to a reasonable length before passing them to the copy and concatenation functions.
Mitigation MIT-11
Operation
Build and Compilation
Strategy: Environment Hardening
- Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
- Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
- For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
Mitigation MIT-12
Operation
Strategy: Environment Hardening
- Use a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment.
- For more information on these techniques see D3-PSEP (Process Segment Execution Prevention) from D3FEND [REF-1336].
Mitigation MIT-13
Implementation
Replace unbounded copy functions with analogous functions that support length arguments, such as strcpy with strncpy. Create these if they are not available.
No CAPEC attack patterns related to this CWE.