{"cve":{"cve_id":"CVE-2022-1107","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00253,"epss_percentile":0.1638,"epss_as_of":"2026-06-23","description":"During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.","published_at":"2022-04-22T20:30:50Z","last_modified_at":null,"cvss_v3_score":6.7,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-20"],"nvd_references":["https://support.lenovo.com/us/en/product_security/LEN-84943"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:16:44.238412Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"lenovo","vendor_name":"Lenovo","product_slug":"thinkpad-bios","product_name":"ThinkPad BIOS","version_start":"various","version_start_inclusive":true,"version_end":"various","version_end_inclusive":true,"cpe23_uri":"cve5:lenovo:thinkpad-bios:various:various"}],"exploit_refs":[],"news":[],"references":[{"url":"https://support.lenovo.com/us/en/product_security/LEN-84943","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2022-04-22T20:30:50Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:20:34.451311Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:20:34.451311Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:20:34.451311Z","label":"CVSS score revised","source":"cvelistv5"}]}