CVE-2022-3743
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-3743
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Lenovo Notebook 信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Lenovo Notebook是中国联想(Lenovo)公司的联想的一款笔记本电脑。 Lenovo notebook存在信息泄露漏洞,该漏洞源于LCFC BIOS 中存在安全问题,允许具有提升权限的本地攻击者在某些条件下枚举嵌入式控制器 (EC) 命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-3743
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-3743
请登录查看更多情报信息。
Same Patch Batch · Lenovo · 2023-08-23 · 5 CVEs total
| CVE-2022-3746 | 6.7 MEDIUM | Lenovo Notebook 访问控制错误漏洞 |
| CVE-2022-3744 | 6.7 MEDIUM | Lenovo Notebook 信任管理问题漏洞 |
| CVE-2022-3742 | 6.7 MEDIUM | Lenovo notebook 安全漏洞 |
| CVE-2022-3745 | 4.4 MEDIUM | Lenovo Notebook 信息泄露漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-200
- CVE-2026-42333
quarkus-openapi-generator has overly broad path-parameter ma - CVE-2026-8198
Activity Logs, User Activity Tracking, Multisite Activity Lo - CVE-2026-42456
AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (ID - CVE-2026-41520
Cillium exposes sensitive information included in the cilium - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro
V. Comments for CVE-2022-3743
No comments yet