In a recent security bulletin, Lenovo released BIOS version 1.47 update (N3HET75W) for the ThinkPad X13s, fixing many high-risk vulnerabilities including memory corruption and information leakage.
The vulnerabilities disclosed in Lenovo’s security bulletin include
CVE-2022-40516
CVE-2022-40517
CVE-2022-40518
CVE-2022-40519
CVE-2022-40520
CVE-2022-4432
CVE-2022-4433
CVE-2022-4434
CVE-2022-4435
From the official Lenovo security bulletin that these vulnerabilities mainly include
cve-2022-40516, cve-2022-40517, cve-2022-40520.
Qualcomm has reported several stack-based buffer overflow vulnerabilities in Qualcomm BIOS that allow local attackers to gain privileges and cause memory corruption.
cve-2022-40518, cve-2022-40519:
Qualcomm reported several buffers overread vulnerabilities in Qualcomm BIOS, which could allow a local attacker with elevated privileges to cause information disclosure.
CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, CVE-2022-4435.
Several buffer over-read vulnerabilities have been reported in the ThinkPad X13s BIOS that could allow a local attacker with elevated privileges to cause information disclosure.
