CVE-2025-4422

Published Jul 30, 2025

Last updated 9 days ago

CVSS high 8.2
Firmware

Overview

Description
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.  https://support.lenovo.com/us/en/product_security/home
Source
8338d8cb-57f7-4252-abc0-96fd13e98d21
NVD status
Deferred

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.2
Impact score
6
Exploitability score
1.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

8338d8cb-57f7-4252-abc0-96fd13e98d21
CWE-787

Social media

Hype score
Not currently trending

  1. ⚠️Vulnerabilidades en firmware UEFI ❗CVE-2025-4421 ❗CVE-2025-4422 ❗CVE-2025-4423 ❗CVE-2025-4425 ➡️Más info: https://t.co/49Q6YR1LUj https://t.co/tQSaRSlc7t

    @CERTpy

    4 Aug 2025

    122 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ⚠️ HIGH-severity CVE-2025-4422 impacts Lenovo devices using InsydeH2O BIOS. Out-of-bounds write could enable firmware compromise. Restrict admin access & monitor Lenovo advisories for patches. Details: https://t.co/uSJpFcxVOz... https://t.co/nbZGHtucvS

    @offseq

    30 Jul 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Related CVEs

  1. The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware package block-by-block to validate its integrity. However, the last decrypted firmware block remains uncleared in memory after the validation process completes. An attacker with access to the SPI interface can subsequently issue memory read commands to retrieve the decrypted firmware contents from this residual memory, effectively bypassing the firmware encryption protection mechanism. The attack requires physical access to the device's SPI interface.CVE-2025-14858
  2. Fortinet FortiClient EMS Improper Access Control VulnerabilityCVE-2026-35616
  3. A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.CVE-2026-4903
  4. A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware version 2.15.3 could allow an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges.CVE-2026-2417
  5. A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.CVE-2025-15605

References

Sources include official advisories and independent security research.