Search criteria
9 vulnerabilities found for ideapad_slim_1-14ast-05_firmware by lenovo
FKIE_CVE-2022-1892
Vulnerability from fkie_nvd - Published: 2023-01-26 21:15 - Updated: 2024-11-21 06:41
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:100e_2nd_gen_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "244899ED-A04F-40AB-9C1A-C13BABB20B1D",
"versionEndExcluding": "frcn23ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:100e_2nd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D442B28-EFE9-4819-842F-B0E5CAFB6FE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:100w_gen_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D40749BF-4FCA-4795-8568-CCF8761897C2",
"versionEndExcluding": "gacn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:100w_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7AE49C-7725-4FE6-ADC9-0FB5AFE8DE5E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:13w_yoga_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "041B632E-3801-4292-8A7C-DE0261E87A75",
"versionEndExcluding": "jacn31ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:13w_yoga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C79699-F690-4A4D-80E5-408CE4A214AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:14w_gen_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6502DAD4-888D-4B1D-9FB2-A037F2EEF1C1",
"versionEndExcluding": "h0cn21ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:14w_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF48212-5B36-4D2B-A5D2-79B83FE265D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:300e_2nd_gen_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "937586A9-D870-4216-8F71-B340A5F017A8",
"versionEndExcluding": "frcn23ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:300e_2nd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D1C808-EB2B-4FDF-AE48-A60331AA2932",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:300w_gen_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6C8DFC-0C19-4A52-907F-F9C5036623EC",
"versionEndExcluding": "gacn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:300w_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "523AEC53-B222-469E-AB0C-F3CD59E7A1C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:500w_gen_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8265E5EF-610B-40A0-9377-CE5EF7F5C3A4",
"versionEndExcluding": "g6cn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:500w_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E50C7D-29E6-4070-AE81-2C3A34832BDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:730s-13iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E02B7492-6D0D-4E1F-85DA-A6063FCACAB8",
"versionEndExcluding": "brcn20ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:730s-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC58D9FF-9036-43BB-8BB7-D4E535796614",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_3-11ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8ABB4FC-215F-4D05-A566-59283D86AC66",
"versionEndExcluding": "fpcn26ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_3-11ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82F47879-58F2-41C2-9F69-86E3286FD272",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-14alc05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7229858-AE05-4636-8A61-69E3AB63794D",
"versionEndExcluding": "gjcn27ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-14alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5B398-8997-4023-9555-C9FB301B2053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-14are05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A2777A-BBD0-450A-B991-2741D126D803",
"versionEndExcluding": "eecn39ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-14are05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6307A1E8-45B4-483C-B13D-F6F25F504D21",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-14iil05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8CFFA45-5777-47D9-8F61-B02B4E2A8F79",
"versionEndExcluding": "eecn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-14iil05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "395BCDC7-B5C3-4FB7-96BD-849572AB50DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-14itl05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "693CBFD4-21B1-4D42-A0E3-11496B0BD449",
"versionEndExcluding": "fxcn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-14itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "941A9478-5A03-46FC-888A-EF75DDCB234A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-15alc05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "455D945F-BD27-4574-8247-A1EF08355402",
"versionEndExcluding": "gjcn27ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-15alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3779495-A1FA-4589-AADA-C52E56C8B3E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-15iil05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D701A45C-3223-4E52-97AB-E25C19234D7D",
"versionEndExcluding": "eccn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-15iil05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8D5080-1656-4587-AFEA-C6A438987DAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:flex_5-15itl05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63784A60-C929-42D1-B36F-B32E39B50769",
"versionEndExcluding": "fxcn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:flex_5-15itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0C9D69-BF79-44AA-955B-8EE202B03114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-11ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA53B391-408C-4B7C-A458-81E0866625AB",
"versionEndExcluding": "fqcn26ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-11ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C32B51-6F03-4568-BCDF-D59867AC4723",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-11igl05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D336B7-C985-496A-BA7F-CFEFD4F59EAF",
"versionEndExcluding": "dwcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC62EEC-713B-4559-8AB7-0B2B0F4D84F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-14ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C949EE4F-72FF-40E2-9FEC-60EDAE5F9F02",
"versionEndExcluding": "fqcn26ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-14ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41F01C73-2B64-47E4-8A04-27426CCCEFE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-14igl05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABD4C78-4796-4C03-9C3D-565388D3A070",
"versionEndExcluding": "dwcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "076B2AA1-ED0B-47B3-B6E2-FFEBB21220AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-15ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1CC79D-85DD-4764-8164-C11C76E70F77",
"versionEndExcluding": "e8cn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-15ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB21743-51B5-47F6-B235-3514BF1D136C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-14ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7270BCE1-49DE-439D-BEAC-B9E0A26B9075",
"versionEndExcluding": "e8cn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-14ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF6A0BA-24C9-4C37-B830-9624C99F2A5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-14ada6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C09E69-942F-4BAA-B720-47F187146B38",
"versionEndExcluding": "hbcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-14ada6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "430F70FC-FEFE-4228-ACBA-615CF6359DB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-14alc6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51B1C507-9210-46CE-A4A2-749E746582F0",
"versionEndExcluding": "glcn48ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-14alc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4CE82E-B6FD-4F67-9767-BFF24DE97939",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-15ada6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4584D818-8ED5-4A26-AB4A-5DCE743795EA",
"versionEndExcluding": "hbcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-15ada6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4800A4C7-392E-4997-90A4-079D301596FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-15alc6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E4AB021-8229-43DA-A4D4-1340A5FF8242",
"versionEndExcluding": "glcn48ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-15alc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C28FEF-9AA8-4EE5-92EF-B8E4FE52EC0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-17alc6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC5C98F-5C40-4764-BFC2-88CC383C37D8",
"versionEndExcluding": "e8cn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-17alc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD289C75-0739-48BB-A2C0-54EAD0E00228",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-17ada05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17973933-53B6-44F9-9282-A44670FEDE60",
"versionEndExcluding": "hbcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-17ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EDD4E-9C8F-47AD-9CAF-77C184C17488",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_3-17ada6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC88B02-9FDB-42E6-8DC1-AFEC79627ED8",
"versionEndExcluding": "glcn48ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_3-17ada6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6A1AC1-8192-410B-AA80-6205B8E285A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5_15aba7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E77608-5246-478C-8253-0F11EE0BA05D",
"versionEndExcluding": "kacn14ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5_15aba7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "000DE804-4AA1-40C3-9C4E-C9D97F33A7F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_14alc7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "516C1575-C0C0-48E4-825A-D417B6A8F858",
"versionEndExcluding": "jccn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_14alc7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC57D455-CC71-48E0-9A3E-66FAFB562A13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5_16alc7_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7174FC73-6266-49D5-8642-49E2C480985F",
"versionEndExcluding": "jccn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5_16alc7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB069F7-190E-4CD9-9300-CE34E5C94880",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_s7-15imh5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB1647AC-C9B9-4C36-B1B4-A7F394AD5025",
"versionEndExcluding": "hacn37ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_s7-15imh5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "174568DD-04DD-4ADA-A712-86E5D32715DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_s7-15ach6_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA21523-4E9A-470E-91A6-63BFF64F3F13",
"versionEndExcluding": "g1cn27ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_s7-15ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "348D2826-C35D-4CCD-9D77-20ED3DA060FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:legion_s7-15arh5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE940F63-FC66-4FD8-BE37-B470B10B7D50",
"versionEndExcluding": "fdcn40ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:legion_s7-15arh5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4CCF3B-A15E-4665-A451-244A3E6C8A86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s145-14api_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53F62A4-D790-4477-8592-B62BADBA73A3",
"versionEndExcluding": "bucn33ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s145-14api:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB47E5-C95F-47A7-9933-4268604E9206",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s145-14ast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9048C853-652D-4976-84D9-4ED17359A43A",
"versionEndExcluding": "aycn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s145-14ast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20926D68-C98C-4EB7-845B-734F04DCA188",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s145-15api_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01CF066A-452C-4609-9682-8F7FC4050CAB",
"versionEndExcluding": "bucn33ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s145-15api:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81997EBD-A28F-4AF8-BD43-97E6410C6C31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s145-15ast_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1ADBE3-D1EF-45E0-B3A4-BE2AF8B77759",
"versionEndExcluding": "aycn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s145-15ast:-:*:*:*:*:*:*:*",
"matchCriteriaId": "349E6BC0-8FFC-431C-905A-68FF16BBAA86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:s540-13api_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "289C94F9-F433-4982-9EB5-8661DA1C3892",
"versionEndExcluding": "cxcn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:s540-13api:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E0C8E4-DB00-4722-A985-2258FA1F725F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_s940-14iil_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DA8BC4-A3E9-4A1E-AC6F-96A0BA82FF85",
"versionEndExcluding": "bqcn34ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA59CAA-1FFF-4E3A-87F5-3F845504C26F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s940-14iil_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5CA86E-D32D-43EE-B97D-A059EB7FFA0F",
"versionEndExcluding": "bqcn34ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08A1C6F-6D23-4772-9935-1A72CB7FCBF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-14ast-05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F43E17-F834-4AA6-A08F-854EA9AD765C",
"versionEndExcluding": "cwcn25ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-14ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D718A-2E08-487E-8963-1D4B7491C325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-11ast-05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89A762F2-9C1F-4DF4-8536-CB4053A64CE1",
"versionEndExcluding": "cwcn25ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-11ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D758B0-E09A-4D2D-8EF0-954E2FB3426E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g3_acn_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C236E587-2784-4A96-9944-8DE556EE08A7",
"versionEndExcluding": "gmcn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g3_acn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F67521-7E7E-4B90-886B-EE54B8D1A5D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g2_are_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92120120-857E-4528-B799-081FA59177ED",
"versionEndExcluding": "fvcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g2_are:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF07F8EA-8901-49AD-B001-D2FA4C2347F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13s_g2_itl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB360F31-4887-49B3-B9C4-C3CF0AB8B3AA",
"versionEndExcluding": "f9cn50ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13s_g2_itl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402E5B1C-7786-4102-9844-6FFB9D810204",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_13s-iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1369C5-ABB8-4803-9246-5FA6B80E9457",
"versionEndExcluding": "cqcn37ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_13s-iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C62ECAF-B782-47EA-A527-5E9389F3AA1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14-iil_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "036C342E-1F74-4B63-A06B-06157A6797E8",
"versionEndExcluding": "djcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14-iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CF3129-19E2-4649-B0E8-79EB5B3EB1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14-iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495AE9CC-8F17-40CF-98AA-8CD8DAF49E29",
"versionEndExcluding": "cjcn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14-iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6839816-92D3-4698-893E-DF7D99C487C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14p_g2_ach_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2522CEC0-A352-4B07-8470-6929C88B6B73",
"versionEndExcluding": "gwcn41ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14p_g2_ach:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF0811A-7E69-4F56-9067-524E73C14253",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14s_g2_itl_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98A98AF5-015D-4728-A34C-0A9E4683C3B5",
"versionEndExcluding": "f9cn50ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14s_g2_itl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "463EB277-DEF6-4FE3-A07D-6F373C040EFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_14s-iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57D3F892-F6E9-44B0-A559-A4388B07502B",
"versionEndExcluding": "cqcn37ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_14s-iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "893B6C86-743B-4CD7-A19B-F3BA7A782A0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_15-iil_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4947120-80EC-4DD8-B386-80FF9E749B76",
"versionEndExcluding": "djcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_15-iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEE028-83AF-4AFD-A3F1-C0DA6070FC48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_15-iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF015D2-2202-4330-A1F2-9E319A0CFC73",
"versionEndExcluding": "cjcn38ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_15-iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4C15FE-8601-4948-BCF4-5A4A5E307759",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkbook_16p_g2_ach_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78DAE3AF-ECBD-4439-B790-35ED576287B3",
"versionEndExcluding": "gxcn42ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkbook_16p_g2_ach:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B21190E-7559-46BE-8F47-3B498FED6C02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v130-15ikb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D126EE0-999B-4FC4-9743-46242AEEA132",
"versionEndExcluding": "8vcn31ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v130-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32DEE9B-A1C0-4679-BDE3-21E57977443F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v14_g2-alc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "044D4202-2195-4B0D-AE48-3F4F186F9C3D",
"versionEndExcluding": "glcn48ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v14_g2-alc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "887F4DE6-C85A-4DF5-AD57-0FD0679DB616",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v14-ada_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC7F8A9-32FF-4A99-9324-7D03341C1D82",
"versionEndExcluding": "e8cn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v14-ada:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDF1634-5764-4374-8552-D1474AA15519",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v15_g2-alc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49297CBD-20D2-46EA-A7D5-0D9D024C10FB",
"versionEndExcluding": "glcn48ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v15_g2-alc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54883E24-E4B7-4BC5-887B-C58E8B1E4A9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v15-ada_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65954A7-3A16-4FC2-845C-47616715B376",
"versionEndExcluding": "e8cn36ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v15-ada:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7FA114-4C4D-4653-82E9-BC219740DCD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_9-15imh5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9A2AA0-F6C2-4CCB-B841-5E6F5B4E21F1",
"versionEndExcluding": "epcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_9-15imh5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "351885D4-6E5E-4224-A967-68E6338FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_c640-13iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E747094D-17B6-4954-A346-46934230091B",
"versionEndExcluding": "chcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_c640-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "709C368C-A159-45F9-BD23-ED07A5CF08A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_c640-13iml_lte_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80A4-ED4B-40E1-AC05-F355A880C374",
"versionEndExcluding": "chcn28ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_c640-13iml_lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2E3608-02DC-40C8-A92D-04E50B81F534",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_c940-15irh_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DECE40A-FE1E-4143-BE34-B38886054C0B",
"versionEndExcluding": "bscn37ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_c940-15irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CD059D-4301-4FFF-A737-C05F7D19F41E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s730-13iml_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696BAD1F-BB90-4A3D-B6C6-896A0FAFB857",
"versionEndExcluding": "brcn20ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s730-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD603B8-6B07-44AC-B1A1-621D34B281D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s940-14iil_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5CA86E-D32D-43EE-B97D-A059EB7FFA0F",
"versionEndExcluding": "bqcn34ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08A1C6F-6D23-4772-9935-1A72CB7FCBF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro-14ach5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC68CFC-B30E-41A0-97C8-9EA4D2F90214",
"versionEndExcluding": "gzcn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro-14ach5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF0B3CD-C9E7-4BC1-9DAA-E271A4316A08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro-14ach5_o_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA976A85-C13D-40F3-9A67-918748F10ECE",
"versionEndExcluding": "gzcn29ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro-14ach5_o:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D80F6E4B-9459-4B4A-99FF-182FAE914603",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro-14arh5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA96BF4-5694-4786-A60F-229D649BC947",
"versionEndExcluding": "gzcn24ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro-14arh5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE0AB81-A5A3-4482-AA9A-299BD260DDF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_5-15alc05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03816E1B-DC00-472F-860E-143D88EAB618",
"versionEndExcluding": "h2cn27ww",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_5-15alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D62A32-3D89-4BC0-A7A1-69C450C15DE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en el controlador SystemBootManagerDxe en algunos productos port\u00e1tiles Lenovo puede permitir que un atacante con privilegios locales ejecute c\u00f3digo arbitrario."
}
],
"id": "CVE-2022-1892",
"lastModified": "2024-11-21T06:41:41.637",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-26T21:15:25.467",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3453
Vulnerability from fkie_nvd - Published: 2021-07-16 21:15 - Updated: 2024-11-21 06:21
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_helix_firmware:n17etb4w:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB0E3D0-B598-4391-98AF-B1C6F78D5F2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_helix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD5DB5D-4ADF-4AC9-9774-8F36B3F2BDBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_t550_firmware:n11et53w:*:*:*:*:*:*:*",
"matchCriteriaId": "093E0901-6078-42AA-81AF-FEC9BB11475B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D79966D-08A3-428F-B4EC-CAAC8F4CF435",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_w550s_firmware:n11et53w:*:*:*:*:*:*:*",
"matchCriteriaId": "14982F3D-67A1-455B-9A73-9729E7705002",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_w550s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23267973-5F08-43C5-9C92-F429B84D3245",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_3rd_gen_firmware:n14et55w:*:*:*:*:*:*:*",
"matchCriteriaId": "336C04AD-21B6-4288-B3B6-FBDD749469D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_3rd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86F4EB0E-B4C9-4FC1-987F-8EE359F17172",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_x250_firmware:n10et62w:*:*:*:*:*:*:*",
"matchCriteriaId": "644C610C-E8D7-4867-B89F-D677ED26E423",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEA076E5-D554-4570-B5E3-FE78CEC024B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:thinkpad_yoga_15_firmware:n19et65w:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C53C2-9F91-4981-8458-5A596BE5AF2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9052750D-3481-46A1-B1C5-EABB56DDD4E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:730s-13iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C8BA48-DE2C-4861-B692-D94222EE139A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:730s-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC58D9FF-9036-43BB-8BB7-D4E535796614",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-11igl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "522827D6-4928-49B5-B293-61BCB6959134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC62EEC-713B-4559-8AB7-0B2B0F4D84F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-14igl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AB2D9-0D58-4145-9DDE-23C55B0D0A8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "076B2AA1-ED0B-47B3-B6E2-FFEBB21220AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_s940-14iil_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6EA58-3B77-428C-8CAE-2A3882D55612",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA59CAA-1FFF-4E3A-87F5-3F845504C26F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_s940-14iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678FF008-4CB3-42C3-9717-C96CBEE740F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_s940-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DD9308-18A9-49B1-85AD-0D9E9E93FACC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-11ast-05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8BA6E9-F84C-4FEA-8E7C-A61CED49C556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-11ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D758B0-E09A-4D2D-8EF0-954E2FB3426E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-14ast-05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497349B-7024-4FAB-A722-10928995B0D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-14ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D718A-2E08-487E-8963-1D4B7491C325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v130-15igm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD79628A-52FD-46F7-A756-B26C61F9F36E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v130-15igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5053055-975C-4074-A9BA-BEB2E055DDEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v330-15ikb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C185C13-B791-40ED-B8B8-D654EFFAE804",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v330-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62FBC6C-7CE6-4143-8E20-A53EBCDA760B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v330-15isk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6561DCB-6CEA-4E92-A517-EBB32B60C594",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v330-15isk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536DC2F-CCB1-4BF5-A04B-412A35DB1302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s730-13iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB5673A-F59B-4190-8626-093368C0D470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s730-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD603B8-6B07-44AC-B1A1-621D34B281D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s940-14iil_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D471E83D-3DA6-4762-B592-4DEAF6C71185",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C08A1C6F-6D23-4772-9935-1A72CB7FCBF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:yoga_s940-14iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F02E247-7E1D-4D0D-B6CC-7EE4F806BD9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:yoga_s940-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00821048-9198-4A78-8275-B6BA81D2B0EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideacentre_aio_5-24imb05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54126591-EF21-4A00-BD93-DB9E5459CFC6",
"versionEndExcluding": "2021-09-30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideacentre_aio_5-24imb05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D279D84-E26F-4D6A-B7EC-3AB10BC4EB9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideacentre_aio_5-74imb05_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C106A3B4-B6D5-4107-9049-8A5DC85DA7FC",
"versionEndExcluding": "2021-09-30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideacentre_aio_5-74imb05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0F50EA-E337-49E6-94A7-B384AF719D48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage."
},
{
"lang": "es",
"value": "Algunos sistemas de port\u00e1tiles, ThinkPad y ordenadores de sobremesa de Lenovo presentan m\u00f3dulos BIOS desprotegidos por Intel Boot Guard que podr\u00edan permitir a un atacante con acceso f\u00edsico la habilidad de escribir en el almacenamiento flash SPI"
}
],
"id": "CVE-2021-3453",
"lastModified": "2024-11-21T06:21:34.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-16T21:15:10.683",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3614
Vulnerability from fkie_nvd - Published: 2021-07-16 21:15 - Updated: 2024-11-21 06:21
Severity ?
6.4 (Medium) - CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-11ada05_firmware:fqcn19ww:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C2AE3D-0713-4FE2-9C91-327928810471",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-11ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C32B51-6F03-4568-BCDF-D59867AC4723",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-14ada05_firmware:fqcn19ww:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF2EA27-F4FA-45AB-A65A-CEE457DE32F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-14ada05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41F01C73-2B64-47E4-8A04-27426CCCEFE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v130-15ikb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8801CAA7-4677-4263-9AFE-A45271F41D2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v130-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32DEE9B-A1C0-4679-BDE3-21E57977443F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:100e_2nd_gen_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D6C4-3441-4785-B2E6-D32A7E5AE974",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:100e_2nd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D442B28-EFE9-4819-842F-B0E5CAFB6FE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:300e_2nd_gen_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9C2961-34AA-4CAC-A889-20DACD51AF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:300e_2nd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D1C808-EB2B-4FDF-AE48-A60331AA2932",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_730-13iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FE7E9D-BEAA-42AA-B504-47E6F5C0AEDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_730-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "438D9742-DB55-428B-92CB-5D0712E4B21C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5-14alc05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "906BFE2B-7DAD-4503-8F6B-E71FE4CFF453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5-14alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2810A82D-E927-4CF8-9B3B-97F186AEBC25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_flex_5-15alc05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79315231-9E83-44BF-96DE-91E4AC9AD15D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_flex_5-15alc05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5395EE56-4C01-46F0-9D6A-F28A51E8CE49",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-11igl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "522827D6-4928-49B5-B293-61BCB6959134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-11igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC62EEC-713B-4559-8AB7-0B2B0F4D84F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_1-14igl05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AB2D9-0D58-4145-9DDE-23C55B0D0A8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_1-14igl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "076B2AA1-ED0B-47B3-B6E2-FFEBB21220AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_s940-14iil_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6EA58-3B77-428C-8CAE-2A3882D55612",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA59CAA-1FFF-4E3A-87F5-3F845504C26F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_s940-14iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "678FF008-4CB3-42C3-9717-C96CBEE740F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_s940-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DD9308-18A9-49B1-85AD-0D9E9E93FACC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-11ast-05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8BA6E9-F84C-4FEA-8E7C-A61CED49C556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-11ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D758B0-E09A-4D2D-8EF0-954E2FB3426E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_1-14ast-05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9497349B-7024-4FAB-A722-10928995B0D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_1-14ast-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D718A-2E08-487E-8963-1D4B7491C325",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v130-15igm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD79628A-52FD-46F7-A756-B26C61F9F36E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v130-15igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5053055-975C-4074-A9BA-BEB2E055DDEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v130-15ikb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8801CAA7-4677-4263-9AFE-A45271F41D2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v130-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32DEE9B-A1C0-4679-BDE3-21E57977443F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v330-15ikb_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C185C13-B791-40ED-B8B8-D654EFFAE804",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v330-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62FBC6C-7CE6-4143-8E20-A53EBCDA760B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:v330-15isk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6561DCB-6CEA-4E92-A517-EBB32B60C594",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:v330-15isk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7536DC2F-CCB1-4BF5-A04B-412A35DB1302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_yoga_c940-15irh_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7C372C-2BB7-4029-B6E9-03FB29C5B007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_yoga_c940-15irh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1234D01A-8E5E-4F21-BF2B-C431C0EF16A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_yoga_s730-13iml_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4654B180-88B5-4374-B2E6-CD50C916D622",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_yoga_s730-13iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "505B510A-FC5E-453D-B8BE-71402BF3E592",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_yoga_s940-14iil_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7183153-6685-4EDE-8F49-7CF3FB8C238B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_yoga_s940-14iil:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FC0480E-6B77-42AB-8F56-9CD52491D96B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lenovo:ideapad_yoga_s940-14iwl_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6CCD0E-DA9D-4438-B066-3069A979D79E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:ideapad_yoga_s940-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21457A4-F531-4FD8-9FD5-5C99FC663064",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage."
},
{
"lang": "es",
"value": "Se ha reportado una vulnerabilidad en algunos sistemas de port\u00e1tiles Lenovo que podr\u00eda permitir a un atacante con acceso f\u00edsico elevar los privilegios en determinadas condiciones durante una actualizaci\u00f3n de la BIOS llevada a cabo por Lenovo Vantage"
}
],
"id": "CVE-2021-3614",
"lastModified": "2024-11-21T06:21:59.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-16T21:15:10.820",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-636"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-1892 (GCVE-0-2022-1892)
Vulnerability from cvelistv5 – Published: 2023-01-23 15:31 – Updated: 2025-04-02 14:37
VLAI?
Summary
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
Severity ?
6.7 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Credits
Lenovo thanks Martin Smolár from ESET for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:17:00.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T14:36:42.939310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T14:37:24.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks Martin Smol\u00e1r from ESET for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code."
}
],
"value": "A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-26T06:03:10.975Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-91369\u003cbr\u003e"
}
],
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-91369\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-1892",
"datePublished": "2023-01-23T15:31:19.243Z",
"dateReserved": "2022-05-25T20:29:39.456Z",
"dateUpdated": "2025-04-02T14:37:24.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3614 (GCVE-0-2021-3614)
Vulnerability from cvelistv5 – Published: 2021-07-16 20:30 – Updated: 2024-08-03 17:01
VLAI?
Summary
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
Severity ?
6.4 (Medium)
CWE
- CWE-636 - Not Failing Securely ('Failing Open')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Notebook BIOS |
Affected:
various
|
Credits
Lenovo thanks Tim Boyd, NCC Group for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Notebook BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Tim Boyd, NCC Group for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-636",
"description": "CWE-636 Not Failing Securely (\u0027Failing Open\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T20:30:20",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-3614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Notebook BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Tim Boyd, NCC Group for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-636 Not Failing Securely (\u0027Failing Open\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-65529",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-3614",
"datePublished": "2021-07-16T20:30:20",
"dateReserved": "2021-06-23T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3453 (GCVE-0-2021-3453)
Vulnerability from cvelistv5 – Published: 2021-07-16 20:30 – Updated: 2025-12-16 17:56
VLAI?
Summary
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
Severity ?
6.8 (Medium)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Lenovo thanks Binarly efiXplorer team for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T17:55:59.636899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T17:56:22.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Binarly efiXplorer team for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T20:30:17.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-3453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Binarly efiXplorer team for reporting these issues."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693 Protection Mechanism Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-65529",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-3453",
"datePublished": "2021-07-16T20:30:17.000Z",
"dateReserved": "2021-03-19T00:00:00.000Z",
"dateUpdated": "2025-12-16T17:56:22.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-1892 (GCVE-0-2022-1892)
Vulnerability from nvd – Published: 2023-01-23 15:31 – Updated: 2025-04-02 14:37
VLAI?
Summary
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
Severity ?
6.7 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Credits
Lenovo thanks Martin Smolár from ESET for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:17:00.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T14:36:42.939310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T14:37:24.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lenovo thanks Martin Smol\u00e1r from ESET for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code."
}
],
"value": "A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-26T06:03:10.975Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-91369"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-91369\u003cbr\u003e"
}
],
"value": "Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-91369\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2022-1892",
"datePublished": "2023-01-23T15:31:19.243Z",
"dateReserved": "2022-05-25T20:29:39.456Z",
"dateUpdated": "2025-04-02T14:37:24.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3614 (GCVE-0-2021-3614)
Vulnerability from nvd – Published: 2021-07-16 20:30 – Updated: 2024-08-03 17:01
VLAI?
Summary
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
Severity ?
6.4 (Medium)
CWE
- CWE-636 - Not Failing Securely ('Failing Open')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Notebook BIOS |
Affected:
various
|
Credits
Lenovo thanks Tim Boyd, NCC Group for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Notebook BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Tim Boyd, NCC Group for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-636",
"description": "CWE-636 Not Failing Securely (\u0027Failing Open\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T20:30:20",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-3614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Notebook BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Tim Boyd, NCC Group for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-636 Not Failing Securely (\u0027Failing Open\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-65529",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-3614",
"datePublished": "2021-07-16T20:30:20",
"dateReserved": "2021-06-23T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3453 (GCVE-0-2021-3453)
Vulnerability from nvd – Published: 2021-07-16 20:30 – Updated: 2025-12-16 17:56
VLAI?
Summary
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
Severity ?
6.8 (Medium)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Lenovo thanks Binarly efiXplorer team for reporting these issues.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T17:55:59.636899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T17:56:22.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lenovo thanks Binarly efiXplorer team for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T20:30:17.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
],
"solutions": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2021-3453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo thanks Binarly efiXplorer team for reporting these issues."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693 Protection Mechanism Failure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-65529",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/LEN-65529"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-65529."
}
],
"source": {
"advisory": "LEN-65529",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2021-3453",
"datePublished": "2021-07-16T20:30:17.000Z",
"dateReserved": "2021-03-19T00:00:00.000Z",
"dateUpdated": "2025-12-16T17:56:22.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}