GCVE - cpe:2.3:h:lenovo:legion_5-15ith6h:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:lenovo:legion_5-15ith6h:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Lenovo (`c98ed681-bc65-5c44-8bbb-e0a228f96d0e`)
Product	Legion 5 15Ith6H (`7ea0dacd-d19e-5a26-ae6b-4445ee9c6af5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-34419`	not_vulnerable	2026-06-03 14:52:16.722985	Details available MEDIUM (6.7) A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. Published: 2023-08-17T16:49:12.282Z Updated: 2024-08-02T16:10:06.823Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-134879	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3746`	not_vulnerable	2026-06-03 14:47:59.171814	Details available MEDIUM (6.7) A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface. Published: 2023-08-23T19:43:54.077Z Updated: 2024-08-03T01:20:57.662Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-103710	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3745`	not_vulnerable	2026-06-03 14:47:59.167133	Details available MEDIUM (4.4) A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI. Published: 2023-08-23T19:43:34.512Z Updated: 2024-10-01T15:49:56.403Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-103710	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3744`	not_vulnerable	2026-06-03 14:47:59.162332	Details available MEDIUM (6.7) A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential. Published: 2023-08-23T19:43:17.503Z Updated: 2024-08-03T01:20:57.610Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-103710	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3743`	not_vulnerable	2026-06-03 14:47:59.157102	Details available MEDIUM (4.4) A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands. Published: 2023-08-23T19:42:59.163Z Updated: 2024-10-01T15:50:12.756Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-103710	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3742`	not_vulnerable	2026-06-03 14:47:59.079852	Details available MEDIUM (6.7) A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation. Published: 2023-08-23T19:42:15.848Z Updated: 2024-10-09T19:17:23.103Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-103710	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3972`	not_vulnerable	2026-06-03 14:45:16.853068	Details available MEDIUM (6.7) A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. Published: 2022-04-22T20:30:40.000Z Updated: 2024-08-03T17:09:09.723Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-73440	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3971`	not_vulnerable	2026-06-03 14:45:16.847146	Details available MEDIUM (6.7) A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable. Published: 2022-04-22T20:30:38.000Z Updated: 2024-08-03T17:09:09.596Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-73440	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3970`	not_vulnerable	2026-06-03 14:45:16.734674	Details available MEDIUM (6.7) A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code. Published: 2022-04-22T20:30:37.000Z Updated: 2024-08-03T17:09:09.797Z Open on db.gcve.eu Reference links https://support.lenovo.com/us/en/product_security/LEN-73440	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.