Lucene search
K

The vulnerability of the ChgBootDxeHook driver in Lenovo notebook BIOS microprogramming software allows a malicious actor to execute malicious drivers and applications during the boot process.

🗓️ 21 Apr 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 3 Views

Lenovo notebook BIOS flaw in ChgBootDxeHook lets NVRAM edits disable boot and run malicious code.

Related
Refs
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Active Debug Code in Lenovo Ideapad_3-14Ada05_Firmware
21 Apr 202210:25
githubexploit
ATTACKERKB
CVE-2021-3972
22 Apr 202221:15
attackerkb
Circl
CVE-2021-3972
20 Apr 202203:02
circl
CNNVD
Lenovo Notebook 安全漏洞
18 Apr 202200:00
cnnvd
CVE
CVE-2021-3972
22 Apr 202220:30
cve
Cvelist
CVE-2021-3972
22 Apr 202220:30
cvelist
EUVD
EUVD-2021-27177
7 Oct 202500:30
euvd
Lenovo
Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US
18 Apr 202215:28
lenovo
Malwarebytes
Lenovo issues fixes for laptop backdoors
21 Apr 202215:11
malwarebytes
NCSC
Vulnerabilities fixed in Lenovo notebook BIOS
19 Apr 202200:00
ncsc
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Apr 2022 00:00Current
5.6Medium risk
Vulners AI Score5.6
CVSS 36.7
CVSS 26.8
EPSS0.02974
3