Lucene search

[email protected]CVE-2021-3519

HistoryNov 12, 2021 - 10:15 p.m.

CVE-2021-3519

2021-11-1222:15:07

CWE-287

[email protected]

web.nvd.nist.gov

cve-2021-3519

vulnerability

lenovo desktop

unauthorized access

boot menu

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.0%

JSON

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the “BIOS Password At Boot Device List” BIOS setting is Yes.

Affected configurations

NVD

Node

lenovoideacentre_c5-14mb05_firmwareRange<o4hkt33a

AND

lenovoideacentre_c5-14mb05Match-

Node

lenovoideacentre_3-07imb05_firmwareRange<m2vkt18a

AND

lenovoideacentre_3-07imb05Match-

Node

lenovoideacentre_5-14imb05_firmwareRange<o4hkt33a

AND

lenovoideacentre_5-14imb05Match-

Node

lenovoideacentre_5-14iob6_firmwareRange<m3gkt29a

AND

lenovoideacentre_5-14iob6Match-

Node

lenovoideacentre_creator_5-14iob6_firmwareRange<m3gkt29a

AND

lenovoideacentre_creator_5-14iob6Match-

Node

lenovoideacentre_g5-14imb05_firmwareRange<o4hkt33a

AND

lenovoideacentre_g5-14imb05Match-

Node

lenovoideacentre_gaming_5-14iob6_firmwareRange<m3gkt29a

AND

lenovoideacentre_gaming_5-14iob6Match-

Node

lenovothinkcentre_m60e_tiny_firmwareRange<m3skt1ea

AND

lenovothinkcentre_m60e_tinyMatch-

Node

lenovothinkcentre_m630e_firmwareRange<m28kt36a

AND

lenovothinkcentre_m630eMatch-

Node

lenovothinkcentre_m70a_firmwareRange≤m2skt21a

AND

lenovothinkcentre_m70aMatch-

Node

lenovothinkcentre_m70s_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m70sMatch-

Node

lenovothinkcentre_m70t_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m70tMatch-

Node

lenovothinkcentre_m710e_firmwareRange<m1zkt37a

AND

lenovothinkcentre_m710eMatch-

Node

lenovothinkcentre_m710s_firmwareRange<m16kt67a

AND

lenovothinkcentre_m710sMatch-

Node

lenovothinkcentre_m710t_firmwareRange<m16kt67a

AND

lenovothinkcentre_m710tMatch-

Node

lenovothinkcentre_m720e_firmwareRange<m30kt23a

AND

lenovothinkcentre_m720eMatch-

Node

lenovothinkcentre_m75n_firmwareRange<m33kt21a

AND

lenovothinkcentre_m75nMatch-

Node

lenovothinkcentre_m75s_gen_2_firmwareRange<m3bkt24amatisse

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m70a_gen_2_firmwareRange<m3nkt17a

AND

lenovothinkcentre_m70a_gen_2Match-

Node

lenovothinkcentre_m70c_firmwareRange<m2vkt18a

AND

lenovothinkcentre_m70cMatch-

Node

lenovothinkcentre_m70q_firmwareRange<m2wkt49a

AND

lenovothinkcentre_m70qMatch-

Node

lenovothinkcentre_m75s_gen_2_firmwareRange<m3akt35apicasso\/renoir

AND

lenovothinkcentre_m75s_gen_2Match-

Node

lenovothinkcentre_m75t_gen_2_firmwareRange<m3bkt24amatisse

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m75t_gen_2_firmwareRange<m3akt35apicasso\/renoir

AND

lenovothinkcentre_m75t_gen_2Match-

Node

lenovothinkcentre_m80q_firmwareRange<m2wkt49a

AND

lenovothinkcentre_m80qMatch-

Node

lenovothinkcentre_m80s_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m80sMatch-

Node

lenovothinkcentre_m80t_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m80tMatch-

Node

lenovothinkcentre_m810z_firmwareRange<m1ckt47a

AND

lenovothinkcentre_m810zMatch-

Node

lenovothinkcentre_m820z_firmwareRange<m1nkt57a

AND

lenovothinkcentre_m820zMatch-

Node

lenovothinkcentre_m90a_firmwareRange<m2rkt47a

AND

lenovothinkcentre_m90aMatch-

Node

lenovothinkcentre_m90q_tiny_firmwareRange<m2wkt49a

AND

lenovothinkcentre_m90a_tinyMatch-

Node

lenovothinkcentre_m90s_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m90sMatch-

Node

lenovothinkcentre_m90t_firmwareRange<m2tkt3ca

AND

lenovothinkcentre_m90tMatch-

Node

lenovothinkcentre_qt_m410_firmwareRange<m16kt67a

AND

lenovothinkcentre_qt_m410Match-

Node

lenovothinkcentre_qt_b415_firmwareRange<m16kt67a

AND

lenovothinkcentre_qt_b415Match-

Node

lenovothinkcentre_qt_m415_firmwareRange<m16kt67a

AND

lenovothinkcentre_qt_m415Match-

Node

lenovothinkcentre_e75_t\/s_firmwareRange<m16kt67a

AND

lenovothinkcentre_e75_t\/sMatch-

Node

lenovoideacentre_310s-08igm_firmwareRange≤m1tkt31a

AND

lenovoideacentre_310s-08igmMatch-

microsoftwindows_10Match-x64

Node

lenovoideacentre_510a-15arr_firmwareRange≤o4dkt41a

AND

lenovoideacentre_510a-15arrMatch-

microsoftwindows_10Match-x64

Node

lenovoideacentre_510s-07icb_firmwareRange<m22kt46a

AND

lenovoideacentre_510s-07icbMatch-

microsoftwindows_10Match-x64

Node

lenovoideacentre_510s-07ick_firmwareRange<m30kt24a

AND

lenovoideacentre_510s-07ickMatch-

microsoftwindows_10Match-x64

Node

lenovoideacentre_510s-07ick_firmwareRange<m30kt23a

AND

lenovoideacentre_510s-07ickMatch-

Node

lenovov30a-22iml_firmwareRange<m37kt26a

AND

lenovov30a-22imlMatch-

Node

lenovov330_firmwareRange≤m1tkt32a

AND

lenovov330Match-

Node

lenovov50a-24imb_firmwareRange<m36kt27a

AND

lenovov50a-24imbMatch-

Node

lenovov50s-07imb_firmwareRange<m2vkt18a

AND

lenovov50s-07imbMatch-

Node

lenovov50a-22imb_firmwareRange<m36kt27a

AND

lenovov50a-22imbMatch-

Node

lenovov50t-13imb_firmwareRange<o4hkt33a

AND

lenovov50t-13imbMatch-

Node

lenovov50t-13imb_g2_firmwareRange<m3gkt29a

AND

lenovov50t-13imb_g2Match-

Node

lenovov520_firmwareRange<m16kt67a

AND

lenovov520Match-

Node

lenovov520s_firmwareRange<m16kt67a

AND

lenovov520sMatch-

Node

lenovov530-15arr_firmwareRange≤o4dkt41a

AND

lenovov530-15arrMatch-

Node

lenovov530-15icr_firmwareRange<m2ykt29a

AND

lenovov530-15icrMatch-

Node

lenovov530s-07icb_firmwareRange<m30kt23a

AND

lenovov530s-07icbMatch-

Node

lenovov530s-07icr_firmwareRange<m30kt23a

AND

lenovov530s-07icrMatch-

Node

lenovov55t-15api_firmwareRange≤o4dkt41a

AND

lenovov55t-15apiMatch-

Node

lenovothinkstation_p340_tiny_firmwareRange<m2wkt49a

AND

lenovothinkstation_p340_tinyMatch-

Node

lenovothinkstation_p340_firmwareRange<s08kt3fa

AND

lenovothinkstation_p340Match-

Node

lenovothinkstation_p520_firmwareRange≤s03kt49a

AND

lenovothinkstation_p520Match-

Node

lenovothinkstation_p520c_firmwareRange≤s03kt49a

AND

lenovothinkstation_p520cMatch-

Node

lenovothinkstation_p720_firmwareRange<s04kt54a\/s04kt54p

AND

lenovothinkstation_p720Match-

Node

lenovothinkstation_p920_firmwareRange<s04kt54a\/s04kt54p

AND

lenovothinkstation_p920Match-

CPENameOperatorVersion
lenovo:ideacentre_c5-14mb05_firmwarelenovo ideacentre c5-14mb05 firmwarelto4hkt33a

CPE	Name	Operator	Version
lenovo:ideacentre_c5-14mb05_firmware	lenovo ideacentre c5-14mb05 firmware	lt	o4hkt33a

CNA Affected

[
  {
    "product": "Desktop BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-67440

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.0%

JSON

Related for CVE-2021-3519

cvelist1 nvd1 prion1