Lenovo IdeaCentre and Yoga BIOS Flaws Allow Attackers to Run Arbitrary Code
Security researchers have disclosed a set of BIOS vulnerabilities in Lenovo IdeaCentre and Yoga All-in-One desktop computers that could let an attacker who already holds local administrative privileges run arbitrary code in System Management Mode, compromising the system at the firmware level, beneath the operating system.
Critical Security Flaws Discovered in Popular Desktop Models
The vulnerabilities, disclosed through Lenovo Security Advisory LEN-201013 and Insyde Security Advisory INSYDE-SA-2025007, affect the InsydeH2O BIOS firmware used in several Lenovo desktop products.
The flaws were discovered by the BINARLY Research team and reported through coordinated disclosure on July 29, 2025.
Six CVEs have been assigned, with CVSS scores from 6.0 to 8.2 (medium to high severity). Four of the six carry the top score of 8.2 and concern memory corruption or code execution inside SMM; the remaining two, scored 6.0, concern missing input validation and information disclosure. All of them warrant prompt patching.
| CVE ID | CVSS Score | Description | CWE Classification |
|---|---|---|---|
| CVE-2025-4421 | 8.2 | SMM memory corruption in gEfiSmmCpuProtocol | CWE-787: Out-of-bounds Write |
| CVE-2025-4422 | 8.2 | SMM memory corruption in EfiPcdProtocol | CWE-787: Out-of-bounds Write |
| CVE-2025-4423 | 8.2 | Arbitrary code execution in SetupAutomationSmm | CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer |
| CVE-2025-4424 | 6.0 | Unsanitized SmmSetVariable calls | CWE-20: Improper Input Validation |
| CVE-2025-4425 | 8.2 | Stack overflow in SMI handler | CWE-121: Stack-based Buffer Overflow |
| CVE-2025-4426 | 6.0 | SMRAM memory contents disclosure | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
The vulnerabilities sit in System Management Mode (SMM), the x86 operating mode in which firmware handles platform tasks such as power management, and which runs at a higher privilege than the operating system kernel or a hypervisor. SMM code and data live in SMRAM, which the chipset locks away from the operating system; the sanctioned way in is a System Management Interrupt (SMI), whose handlers read their requests from buffers the OS supplies. When an SMI handler fails to validate the address or length of such a buffer, an attacker who already has local administrative access can read SMRAM contents or run arbitrary code in SMM, at which point no operating-system protection can constrain the attacker.
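To make this vulnerability class concrete, the following is an added illustrative C model written for this article; it is not code from the Lenovo or Insyde advisories and does not reproduce any of the specific bugs above. A 64 KiB array stands in for physical memory and a window inside it for SMRAM; the header layout, all addresses and sizes, the "secret" bytes and the status word are made up for the model. The vulnerable handler trusts both the caller-supplied buffer address and the caller-supplied length, which is the pattern behind SMRAM corruption and disclosure bugs; the hardened handler applies the checks real firmware performs with the equivalent of EDK2's SmmIsBufferOutsideSmmValid(), bounds the length, and reads the header once into SMRAM before using it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Model only, all values illustrative: a 64 KiB array stands in for physical memory and
 * [SMRAM_BASE, SMRAM_END) for SMRAM, holding a 32-byte scratch buffer then 16 private bytes. */
#define MEM_SIZE      0x10000u
#define SMRAM_BASE    0x8000u
#define SMRAM_END     (SMRAM_BASE + 0x4000u)
#define SCRATCH_ADDR  (SMRAM_BASE + 0x100u)
#define SCRATCH_SIZE  32u
#define SECRET_ADDR   (SCRATCH_ADDR + SCRATCH_SIZE)
#define SECRET_SIZE   16u
#define STATUS_DONE   0x600D0000u
enum { SMI_OK = 0, SMI_ERR_BUS = -1, SMI_ERR_LEN = -2, SMI_ERR_PTR = -3 };
enum { EFFECT_SECRET_CLOBBERED = 1, EFFECT_SMRAM_WRITE = 2 };
/* Hypothetical request header at the start of the OS-supplied communication buffer
 * (loosely modelled on EFI_SMM_COMMUNICATE_HEADER). */
typedef struct {
    uint32_t data_len;   /* payload bytes following the header */
    uint32_t status;     /* written by the handler on completion */
} comm_header_t;

static uint8_t g_mem[MEM_SIZE];
uint8_t secret_byte(uint32_t i)  { return (uint8_t)(0xA0 + i); }
uint8_t scratch_byte(uint32_t i) { return g_mem[SCRATCH_ADDR + i]; }

static bool mem_range_ok(uint32_t addr, uint32_t len) {   /* model bus limit, not a security check */
    return len <= MEM_SIZE && addr <= MEM_SIZE - len;
}
/* What real firmware checks with EDK2's SmmIsBufferOutsideSmmValid(): the whole
 * range is addressable and does not overlap SMRAM. */
static bool buffer_outside_smram(uint32_t addr, uint32_t len) {
    return mem_range_ok(addr, len) && (addr + len <= SMRAM_BASE || addr >= SMRAM_END);
}
static void write_status(uint32_t comm_addr) {
    uint32_t status = STATUS_DONE;
    memcpy(&g_mem[comm_addr + offsetof(comm_header_t, status)], &status, sizeof status);
}

/* Vulnerable handler: trusts both the buffer address and data_len from the caller. */
int smi_handler_vuln(uint32_t comm_addr) {
    comm_header_t hdr;
    if (!mem_range_ok(comm_addr, sizeof hdr)) return SMI_ERR_BUS;
    memcpy(&hdr, &g_mem[comm_addr], sizeof hdr);
    uint32_t payload = comm_addr + sizeof hdr;
    if (!mem_range_ok(payload, hdr.data_len) || !mem_range_ok(SCRATCH_ADDR, hdr.data_len))
        return SMI_ERR_BUS;                                /* model bus limit only */
    /* Flaw 1 (CWE-787/CWE-121 pattern): data_len is never bounded, so a long payload overruns scratch. */
    if (hdr.data_len) memcpy(&g_mem[SCRATCH_ADDR], &g_mem[payload], hdr.data_len);
    /* Flaw 2: comm_addr is never checked against SMRAM, so the handler reads from / writes into SMRAM. */
    write_status(comm_addr);
    return SMI_OK;
}

/* Hardened handler: rejects any buffer overlapping SMRAM, bounds the length, and works
 * from one private copy of the header so the caller cannot alter it between check and use. */
int smi_handler_hardened(uint32_t comm_addr) {
    comm_header_t hdr;
    if (!buffer_outside_smram(comm_addr, sizeof hdr)) return SMI_ERR_PTR;
    memcpy(&hdr, &g_mem[comm_addr], sizeof hdr);
    if (hdr.data_len > SCRATCH_SIZE) return SMI_ERR_LEN;
    uint32_t payload = comm_addr + sizeof hdr;
    if (!buffer_outside_smram(payload, hdr.data_len)) return SMI_ERR_PTR;
    if (hdr.data_len) memcpy(&g_mem[SCRATCH_ADDR], &g_mem[payload], hdr.data_len);
    write_status(comm_addr);
    return SMI_OK;
}

/* Driver: reset the model, let the "OS" place a request of data_len 0x41 bytes at comm_addr
 * (only possible outside SMRAM; for SMRAM it can only pass the address), trigger the handler,
 * and return its error code if it refused, else a bitmask of EFFECT_* flags (0 = no damage). */
int run_request(int (*handler)(uint32_t), uint32_t comm_addr, uint32_t data_len) {
    memset(g_mem, 0, sizeof g_mem);
    for (uint32_t i = 0; i < SECRET_SIZE; i++) g_mem[SECRET_ADDR + i] = secret_byte(i);
    if (buffer_outside_smram(comm_addr, sizeof(comm_header_t) + data_len)) {
        comm_header_t hdr = { data_len, 0 };
        memcpy(&g_mem[comm_addr], &hdr, sizeof hdr);
        memset(&g_mem[comm_addr + sizeof hdr], 0x41, data_len);
    }
    int rc = handler(comm_addr), effect = 0;
    if (rc != SMI_OK) return rc;
    for (uint32_t i = 0; i < SECRET_SIZE; i++)
        if (g_mem[SECRET_ADDR + i] != secret_byte(i)) effect |= EFFECT_SECRET_CLOBBERED;
    uint32_t status_addr = comm_addr + offsetof(comm_header_t, status), written;
    memcpy(&written, &g_mem[status_addr], sizeof written);
    if (status_addr >= SMRAM_BASE && status_addr < SMRAM_END && written == STATUS_DONE)
        effect |= EFFECT_SMRAM_WRITE;
    return effect;
}

int main(void) {
    int (*h[2])(uint32_t) = { smi_handler_vuln, smi_handler_hardened };
    for (int i = 0; i < 2; i++)
        printf("%-8s overflow=%d smram_ptr=%d benign=%d\n", i ? "hardened" : "vuln",
               run_request(h[i], 0x1000u, 48), run_request(h[i], SMRAM_BASE + 0x200u, 0),
               run_request(h[i], 0x1000u, 16));
    return 0;
}
```

With a 48-byte payload the vulnerable handler overwrites the private bytes behind the scratch buffer, and with a buffer address inside SMRAM it writes its status word into SMRAM; the hardened handler refuses both requests (SMI_ERR_LEN and SMI_ERR_PTR) while still serving a well-formed 16-byte request. Note that the pointer check must cover the entire range, header and payload, and must reject partial overlaps with SMRAM, not just a start address inside it; the same discipline of validating every caller-supplied address, length and variable before use is what the advisory's input-validation entry is about.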
Affected Products and Available Fixes
The flaws affect several Lenovo desktop models: the IdeaCentre AIO 3 series (24ARR9 and 27ARR9) and the Yoga AIO 27IAH10, Yoga AIO 32ILL10 and Yoga AIO 9 32IRH8.
Lenovo has already released BIOS updates for the IdeaCentre AIO 3 series, with the minimum fixed version being O6BKT1AA.
For Yoga AIO models, BIOS updates are scheduled for release between September and November 2025, with specific target availability dates provided for each model.
Lenovo strongly recommends that users of affected systems immediately update their BIOS firmware to the versions specified in the security advisory.
Users can download updates through Lenovo’s official support website by searching for their specific product model and accessing the Drivers & Software section.
The company also offers automated update management tools to help streamline the patching process for both individual users and enterprise environments.