CVE-2025-10237

Description

During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

High

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Lenovo / L13 2-in-1 Gen 6 (Type 21R7, 21R8) Laptops (ThinkPad) BIOS0 – 1.10
Lenovo / L13 Gen 4 (Type 21FG, 21FH) Laptop (ThinkPad) BIOS0 – 1.24
Lenovo / L13 Gen 5 (Type 21LB, 21LC) Laptops (ThinkPad) BIOS0 – 1.21
Lenovo / L13 Gen 6 (Type 21RB, 21RC) Laptops (ThinkPad) BIOS0 – 1.15
Lenovo / L13 (type 20R3, 20R4) Laptops (ThinkPad) BIOS0 – 1.45
Lenovo / L13 Yoga Gen 3 (Type 21B5, 21B6) Laptop (ThinkPad) BIOS0 – 1.31
Lenovo / L14 Gen 2 Type 20X1 20X2 Laptops (ThinkPad) BIOS0 – 1.73
Lenovo / L14 Gen 2 (type 20X5, 20X6) Laptop (ThinkPad) BIOS0 – 1.36
Lenovo / L14 Gen 3 (type 21C1, 21C2) Laptops (ThinkPad) BIOS0 – 1.44
Lenovo / L14 Gen 3 (type 21C5, 21C6) Laptops (ThinkPad) BIOS0 – 1.36
Lenovo / L14 Gen 4 (Type 21H1, 21H2) Laptop (ThinkPad) BIOS0 – 1.34
Lenovo / L14 Gen 5 (Type 21L1, 21L2) Laptops (ThinkPad) BIOS0 – 1.27
Lenovo / L14 Gen 6 (Type 21S6, 21S7) Laptops (ThinkPad) BIOS0 – 1.06
Lenovo / L14 Gen 6 (Type 21SE, 21SF) Laptops (ThinkPad) BIOS0 – 1.14
Lenovo / L15 Gen 4 (Type 21H7, 21H8) Laptops (ThinkPad) BIOS0 – 1.27
Lenovo / L16 Gen 1 (Type 21L7 21L8) Laptops (ThinkPad) BIOS0 – 1.40
Lenovo / L16 Gen 2 (Type 21SC, 21SD) Laptops (ThinkPad) BIOS0 – 1.13
Lenovo / L390 (type 20NR, 20NS) Laptops (ThinkPad) BIOS0 – 1.53
Lenovo / P14s Gen 2 (type 21A0, 21A1) Laptop (ThinkPad) BIOS0 – 1.33
Lenovo / P14s Gen 4 (Type 21K5, 21K6) Laptop (ThinkPad) BIOS0 – 1.47
Lenovo / P14s Gen 5 (Type 21G2, 21G3) Laptops (ThinkPad) BIOS0 – 1.26
Lenovo / P14s Gen 6 (Type 21QL, 21QM) Laptops (ThinkPad) BIOS0 – 1.17
Lenovo / P14s Gen 6 (Type 21QT, 21QU) Laptops (ThinkPad) BIOS0 – UEFI BIOS V1.22/ECP V1.13
Lenovo / P15v Gen 3 (Type 21EN 21EM) Laptop (ThinkPad) BIOS0 – 1.28
Lenovo / P16 Gen 1 (Type 21D6, 21D7) Laptop (ThinkPad) BIOS0 – 1.70
Lenovo / P16 Gen 2 (Type 21FA, 21FB) Laptop (ThinkPad) BIOS0 – BIOS: 1.99/ ECFW: 1.58
Lenovo / P16s Gen 2 (Type 21HK, 21HL) Laptop (ThinkPad) BIOS0 – 1.52
Lenovo / P16v Gen 1 (Type 21FC, 21FD) Laptop (ThinkPad) BIOS0 – BIOS: 1.66 / ECFW: 1.10
Lenovo / P16v Gen 1 (Type 21FE, 21FF) Laptop (ThinkPad) BIOS0 – 1.65/1.13
Lenovo / P16v Gen 2 (Type 21KX, 21KY) Laptops (ThinkPad) BIOS0 – 1.20
Lenovo / P16v Gen 3 (Type 21RS, 21RT) Laptop (ThinkPad) BIOS0 – 1.16
Lenovo / P17 Gen 2 (type 20YU, 20YV) Laptops (ThinkPad) BIOS0 – 1.98
Lenovo / P1 Gen 5 (Type 21DC 21DD) Laptop (ThinkPad) BIOS0 – 1.30 / 1.15
Lenovo / P1 Gen 6 (Type 21FV, 21FW) Laptop (ThinkPad) BIOS0 – 1.39 / 1.15
Lenovo / P1 Gen 7 (Type 21KV, 21KW) Laptop (ThinkPad) BIOS0 – 1.18 / 1.14
Lenovo / P73 (type 20QR, 20QS) Laptop (Thinkpad) BIOS0 – 2.01
Lenovo / S2 Yoga Gen 8 (Types 21FU) China Only Laptop (ThinkPad) BIOS0 – 1.28
Lenovo / T14 Gen 3 (Type 21AH, 21AJ) Laptop (ThinkPad) BIOS0 – 1.47/1.27
Lenovo / T14 Gen 5 (Type 21MC, 21MD) Laptops (ThinkPad) BIOS0 – 1.18
Lenovo / T14s Gen 3 (Type 21BR 21BS) Laptop (ThinkPad) BIOS0 – 1.49
Lenovo / T14s Gen 3 (Type 21CQ 21CR) Laptop (ThinkPad) BIOS0 – 1.51
Lenovo / T14s Gen 4 (Type 21F6, 21F7) Laptop (ThinkPad) BIOS0 – 1.23
Lenovo / T14s Gen 4 (Type 21F8, 21F9) Laptop (ThinkPad) BIOS0 – 1.28
Lenovo / T14s Gen 5 (Type 21LS, 21LT) Laptop (ThinkPad) BIOS0 – 1.15
Lenovo / T14s Gen 6 (Type 21M1, 21M2) Laptops (ThinkPad) BIOS0 – 1.62/1.12
Lenovo / T14s Gen 6 (Type 21QX, 21QY) Laptops (ThinkPad) BIOS0 – 1.10
Lenovo / T14s Gen 6 (Type 21R1, 21R2) Laptops (ThinkPad) BIOS0 – 1.09
Lenovo / T14s Gen 6 (Type 21TB, 21TC) Laptops (ThinkPad) BIOS0 – 1.11
Lenovo / T14s (Type 20T0, 20T1) Laptop (ThinkPad) BIOS0 – 1.38
Lenovo / T15 Gen 2 (Type 20W4, 20W5) Laptop (ThinkPad) BIOS0 – 1.69/1.21
Lenovo / T15g Gen 1 (type 20UR 20US) Laptop (ThinkPad) BIOS0 – 1.98
Lenovo / T15p Gen 2 (Type 21A7, 21A8) Laptop (ThinkPad) BIOS0 – 1.84
Lenovo / T15p Gen 3 (Type 21DA 21DB) Laptop (ThinkPad) BIOS0 – 1.68
Lenovo / T15 (type 20S6, 20S7) Laptop (ThinkPad) BIOS0 – 1.34
Lenovo / T16 Gen 3 (Type 21MN, 21MQ) Laptops (ThinkPad) BIOS0 – 1.16
Lenovo / T16 Gen 4 (Type 21QE, 21QF) Laptops (ThinkPad) BIOS0 – 1.12
Lenovo / T16 Gen 4 (Type 22AW, 22AX) Laptops (ThinkPad) BIOS0 – 1.08
Lenovo / T490 (Type 20N2, 20N3) Laptop (ThinkPad) BIOS0 – 1.85/1.26
Lenovo / ThinkPad S2 Gen 7 Type 21BD BIOS0 – 1.36
Lenovo / ThinkPad S2 Yoga Gen 6 Type 20VN China Only BIOS0 – 1.38/1.36
Lenovo / ThinkPad S2 Yoga Gen 6 Type 21AG China Only BIOS0 – 1.38
Lenovo / X12 Detachable Gen 1 (Type 20UW, 20UV) Laptop (ThinkPad) BIOS0 – 1.40
Lenovo / X12 Detachable Gen 2 (Type 21LK, 21LL) Laptops (ThinkPad) BIOS0 – 1.22 / 1.15
Lenovo / X1 2-in-1 Gen 10 (Type 21NU, 21NV) Laptop (ThinkPad) BIOS0 – 1.39
Lenovo / X1 2-in-1 Gen 9 (Type 21KE, 21KF) Laptop (ThinkPad) BIOS0 – 1.46
Lenovo / X13 Gen 2 (Type 20WK, 20WL) Laptop (ThinkPad) BIOS0 – 1.65
Lenovo / X13 Gen 2 (Type 20XH, 20XJ) Laptop (ThinkPad) BIOS0 – 1.36
Lenovo / X13 Gen 4 (Type 21J3, 21J4) Laptop (ThinkPad) BIOS0 – 1.37
Lenovo / X13 Gen 5 (Type 21LU, 21LV) Laptop (ThinkPad) BIOS0 – 1.17
Lenovo / X13 Gen 6 (Type 21RK, 21RL) Laptops (ThinkPad) BIOS0 – 1.11
Lenovo / X13 Gen 6 (Type 21RM, 21RN) Laptops (ThinkPad) BIOS0 – 1.09
Lenovo / X13 Yoga Gen 1 (Type 20SX, 20SY) Laptop (ThinkPad) BIOS0 – 1.58 / 1.18
Lenovo / X13 Yoga Gen 2 (Type 20W8, 20W9) Laptop (ThinkPad) BIOS0 – 1.52/ 1.28
Lenovo / X13 Yoga Gen 3 (Type 21AW 21AX) Laptop (ThinkPad) BIOS0 – 1.25
Lenovo / X13 Yoga Gen 4 (Type 21F2, 21F3) Laptop (ThinkPad) BIOS0 – 1.22
Lenovo / X1 Carbon 13th Gen (Type 21NX, 21NY) Laptops (ThinkPad) BIOS0 – 1.15
Lenovo / X1 Extreme 2nd Gen (Type 20QV, 20QW) Laptop (ThinkPad) BIOS0 – 1.56 / 1.26
Lenovo / X1 Extreme 3rd Gen (Type 20TK, 20TL) Laptop (ThinkPad) BIOS0 – 1.38 / 1.22
Lenovo / X1 Extreme 4th Gen (Type 20Y5, 20Y6) Laptop (ThinkPad) BIOS0 – 1.34 / 1.19
Lenovo / X1 Fold 16 Gen 1 (Type 21ES, 21ET) Laptop (ThinkPad) BIOS0 – 1.26
Lenovo / X1 Fold Gen 1 (Type 20RK, 20RL) Laptop (ThinkPad) BIOS0 – 1.35
Lenovo / X1 Nano Gen 1 (Type 20UN 20UQ) Laptop (ThinkPad) BIOS0 – 1.69
Lenovo / X1 Nano Gen 2 (Type 21E8 21E9) Laptop (ThinkPad) BIOS0 – 1.33 / 1.21
Lenovo / X1 Nano Gen 3 (Type 21K1, 21K2) Laptop (ThinkPad) BIOS0 – 1.29 / 1.11
Lenovo / X1 Titanium (Type 20QA, 20QB) Laptop (ThinkPad) BIOS0 – 1.38
Lenovo / X1 Yoga 4th Gen (Type 20SA, 20SB) Laptop (ThinkPad) BIOS0 – 1.67 / 1.56
Lenovo / X1 Yoga 5th Gen (Type 20UB, 20UC) Laptop (ThinkPad) BIOS0 – 1.41
Lenovo / X1 Yoga 6th Gen (Type 20XY, 20Y0) Laptop (ThinkPad) BIOS0 – 1.76
Lenovo / X1 Yoga 7th Gen (Type 21CD, 21CE) Laptop (ThinkPad) BIOS0 – 1.53
Lenovo / X1 Yoga 8th Gen (Type 21HQ, 21HR) Laptop (ThinkPad) BIOS0 – 1.38
Lenovo / X390 (Type 20SC, 20SD) Laptop (ThinkPad) BIOS0 – 1.87
Lenovo / X390 Yoga (Type 20NN, 20NQ) Laptop (ThinkPad) BIOS0 – 2.06 / 1.23
Lenovo / X9-14 Gen 1 (Type 21QA, 21QB) Laptop (ThinkPad) BIOS0 – 1.21
Lenovo / Z16 Gen 1 (Type 21D4, 21D5) Laptop (ThinkPad) BIOS0 – 1.76
Lenovo / Z16 Gen 2 (Type 21JX, 21JY) Laptop (ThinkPad) BIOS0 – 1.37

References

MISChttps://support.lenovo.com/us/en/product_security/LEN-218282