Lucene search

[email protected]CVE-2021-4211

HistoryApr 22, 2022 - 9:15 p.m.

CVE-2021-4211

2022-04-2221:15:10

CWE-20

[email protected]

web.nvd.nist.gov

lenovo

desktop

thinkstation

thinkedge

smbios

smi

vulnerability

nvd

cve-2021-4211

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Affected configurations

NVD

Node

lenovoa340-22icb_firmwareMatch-

AND

lenovoa340-22icbMatch-

Node

lenovoa340-22ick_firmwareMatch-

AND

lenovoa340-22ickMatch-

Node

lenovoa340-24icb_firmwareMatch-

AND

lenovoa340-24icbMatch-

Node

lenovoa340-24ick_firmwareMatch-

AND

lenovoa340-24ickMatch-

Node

lenovoa540-24icb_firmwareMatch-

AND

lenovoa540-24icbMatch-

Node

lenovoa540-27icb_firmwareMatch-

AND

lenovoa540-27icbMatch-

Node

lenovoideacentre_5-14iob6_firmwareMatch-

AND

lenovoideacentre_5-14iob6Match-

Node

lenovoideacentre_510s-07icb_firmwareMatch-

AND

lenovoideacentre_510s-07icbMatch-

Node

lenovoideacentre_510s-07ick_firmwareMatch-

AND

lenovoideacentre_510s-07ickMatch-

Node

lenovoideacentre_aio_3-22ada6_firmwareMatch-

AND

lenovoideacentre_aio_3-22ada6Match-

Node

lenovoideacentre_aio_3-22iil5_firmwareMatch-

AND

lenovoideacentre_aio_3-22iil5Match-

Node

lenovoideacentre_aio_3-22itl6_firmwareMatch-

AND

lenovoideacentre_aio_3-22itl6Match-

Node

lenovoideacentre_aio_3-24ada6_firmwareMatch-

AND

lenovoideacentre_aio_3-24ada6Match-

Node

lenovoideacentre_aio_3-24iil5_firmwareMatch-

AND

lenovoideacentre_aio_3-24iil5Match-

Node

lenovoideacentre_aio_3-24itl6_firmwareMatch-

AND

lenovoideacentre_aio_3-24itl6Match-

Node

lenovoideacentre_aio_3-27itl6_firmwareMatch-

AND

lenovoideacentre_aio_3-27itl6Match-

Node

lenovoideacentre_creator_5-14iob6_firmwareMatch-

AND

lenovoideacentre_creator_5-14iob6Match-

Node

lenovoideacentre_gaming_5-14iob6_firmwareMatch-

AND

lenovoideacentre_gaming_5-14iob6Match-

Node

lenovose30_firmwareMatch-

AND

lenovose30Match-

Node

lenovothinkcentre_m600_firmwareMatch-

AND

lenovothinkcentre_m600Match-

Node

lenovothinkcentre_m700_tiny_firmwareMatch-

AND

lenovothinkcentre_m700_tinyMatch-

Node

lenovothinkcentre_m70a_firmwareMatch-

AND

lenovothinkcentre_m70aMatch-

Node

lenovothinkcentre_m710e_firmwareMatch-

AND

lenovothinkcentre_m710eMatch-

Node

lenovothinkcentre_m710q_firmwareMatch-

AND

lenovothinkcentre_m710qMatch-

Node

lenovothinkcentre_m710q_\(10yc\)_firmwareMatch-

AND

lenovothinkcentre_m710q_\(10yc\)Match-

Node

lenovothinkcentre_m710s_firmwareMatch-

AND

lenovothinkcentre_m710sMatch-

Node

lenovothinkcentre_m710t_firmwareMatch-

AND

lenovothinkcentre_m710tMatch-

Node

lenovothinkcentre_m720e_firmwareMatch-

AND

lenovothinkcentre_m720eMatch-

Node

lenovothinkcentre_m75n_firmwareMatch-

AND

lenovothinkcentre_m75nMatch-

Node

lenovothinkcentre_m800_firmwareMatch-

AND

lenovothinkcentre_m800Match-

Node

lenovothinkcentre_m810z_firmwareMatch-

AND

lenovothinkcentre_m810zMatch-

Node

lenovothinkcentre_m820z_firmwareMatch-

AND

lenovothinkcentre_m820zMatch-

Node

lenovothinkcentre_m900_firmwareMatch-

AND

lenovothinkcentre_m900Match-

Node

lenovothinkcentre_m900x_firmwareMatch-

AND

lenovothinkcentre_m900xMatch-

Node

lenovothinkcentre_m90a_\(gen_2\)_firmwareMatch-

AND

lenovothinkcentre_m90a_\(gen_2\)Match-

Node

lenovothinkcentre_m910q_firmwareMatch-

AND

lenovothinkcentre_m910qMatch-

Node

lenovothinkcentre_m910s_firmwareMatch-

AND

lenovothinkcentre_m910sMatch-

Node

lenovothinkcentre_m910t_firmwareMatch-

AND

lenovothinkcentre_m910tMatch-

Node

lenovothinkcentre_m910x_firmwareMatch-

AND

lenovothinkcentre_m910xMatch-

Node

lenovothinkstation_p310_firmwareMatch-

AND

lenovothinkstation_p310Match-

Node

lenovothinkstation_p320_firmwareMatch-

AND

lenovothinkstation_p320Match-

Node

lenovothinkstation_p320_tiny_firmwareMatch-

AND

lenovothinkstation_p320_tinyMatch-

Node

lenovov30a-22iml_firmwareMatch-

AND

lenovov30a-22imlMatch-

Node

lenovov30a-24iml_firmwareMatch-

AND

lenovov30a-24imlMatch-

Node

lenovov410z_firmwareMatch-

AND

lenovov410zMatch-

Node

lenovov50t-13iob_g2_firmwareMatch-

AND

lenovov50t-13iob_g2Match-

Node

lenovov520_firmwareMatch-

AND

lenovov520Match-

Node

lenovov520s_firmwareMatch-

AND

lenovov520sMatch-

Node

lenovov530-15icb_firmwareMatch-

AND

lenovov530-15icbMatch-

Node

lenovov530-15icr_firmwareMatch-

AND

lenovov530-15icrMatch-

Node

lenovov530s-07icb_firmwareMatch-

AND

lenovov530s-07icbMatch-

Node

lenovov530s-07icr_firmwareMatch-

AND

lenovov530s-07icrMatch-

Node

lenovov540-24iwl_firmwareMatch-

AND

lenovov540-24iwlMatch-

CPENameOperatorVersion
lenovo:a340-22icb_firmwarelenovo a340-22icb firmwareeq-

CPE	Name	Operator	Version
lenovo:a340-22icb_firmware	lenovo a340-22icb firmware	eq	-

CNA Affected

[
  {
    "product": "BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-77639

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2021-4211

prion1 cvelist1 nvd1