{"id":276617,"date":"2023-01-07T00:11:00","date_gmt":"2023-01-06T23:11:00","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=276617"},"modified":"2023-01-06T22:43:46","modified_gmt":"2023-01-06T21:43:46","slug":"thinkpad-x13s-bios-update-schliet-schwachstellen","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2023\/01\/07\/thinkpad-x13s-bios-update-schliet-schwachstellen\/","title":{"rendered":"ThinkPad X13s: BIOS-Update schlie&szlig;t Schwachstellen"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/?p=28305\" target=\"_blank\" rel=\"noopener\">English<\/a>]Der Hersteller Lenovo hat in einer Sicherheitsmeldung auf eine Reihe Schwachstellen im BIOS des ThinkPad X13s hingewiesen. Diese erm\u00f6glichen eine Speicherbesch\u00e4digung (Memory Corruption) und die Offenlegung von Informationen. Es steht ein BIOS-Update zum Schlie\u00dfen der Schwachstellen bereit.<\/p>\n<p><!--more--><\/p>\n<p>Lenovo listet in <a href=\"https:\/\/support.lenovo.com\/us\/en\/product_security\/LEN-103709\" target=\"_blank\" rel=\"noopener\">diesem Sicherheits-Advisory<\/a> die nachfolgenden Schwachstellen auf, die eine Speicherbesch\u00e4digung (Memory Corruption) und die Offenlegung von Informationen erm\u00f6glichen.<\/p>\n<ul>\n<li>CVE-2022-40516<\/li>\n<li>CVE-2022-40517<\/li>\n<li>CVE-2022-40518<\/li>\n<li>CVE-2022-40519<\/li>\n<li>CVE-2022-40520<\/li>\n<li>CVE-2022-4432<\/li>\n<li>CVE-2022-4433<\/li>\n<li>CVE-2022-4434<\/li>\n<li>CVE-2022-4435<\/li>\n<\/ul>\n<p>Lenovo gibt folgende Auswirkungen dieser Schwachstellen an:<\/p>\n<ul>\n<li>CVE-2022-40516, CVE-2022-40517, CVE-2022-40520: Qualcomm reported several stack-based buffer overflow vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause memory corruption.<\/li>\n<li>CVE-2022-40518, CVE-2022-40519: Qualcomm reported several buffer over-read vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause information disclosure.<\/li>\n<li>CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, CVE-2022-4435: Several buffer over-read vulnerabilities were reported in ThinkPad X13s BIOS that could allow a local attacker with elevated privileges to cause information disclosure.<\/li>\n<\/ul>\n<p>Zum Schlie\u00dfen der Schwachstellen sollte ein ThinkPad X13s BIOS-Update auf <a href=\"https:\/\/pcsupport.lenovo.com\/us\/en\/products\/laptops-and-netbooks\/thinkpad-x-series-laptops\/thinkpad-x13s-type-21bx-21by\/downloads\/ds556845-bios-update-utility-bootable-cd-for-windows-11-thinkpad-x13s-gen-1-type-21bx-21by?category=BIOS%2FUEFI\">Version 1.47 (N3HET75W)<\/a> oder neuer erfolgen. (<a href=\"https:\/\/www.heise.de\/news\/BIOS-Sicherheitsupdates-Mehrere-Attacken-auf-Leonovo-ThinkPad-X13s-moeglich-7450558.html\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Der Hersteller Lenovo hat in einer Sicherheitsmeldung auf eine Reihe Schwachstellen im BIOS des ThinkPad X13s hingewiesen. Diese erm\u00f6glichen eine Speicherbesch\u00e4digung (Memory Corruption) und die Offenlegung von Informationen. Es steht ein BIOS-Update zum Schlie\u00dfen der Schwachstellen bereit.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[731,426],"tags":[2927,3081,4328],"class_list":["post-276617","post","type-post","status-publish","format-standard","hentry","category-gerate","category-sicherheit","tag-bios","tag-geraete","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/276617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=276617"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/276617\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=276617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=276617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=276617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}