Lucene search

[email protected]NVD:CVE-2021-3614

HistoryJul 16, 2021 - 9:15 p.m.

CVE-2021-3614

2021-07-1621:15:10

CWE-636

[email protected]

web.nvd.nist.gov

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.8%

JSON

A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.

Affected configurations

NVD

Node

lenovoideapad_1-11ada05_firmwareMatchfqcn19ww

AND

lenovoideapad_1-11ada05Match-

Node

lenovoideapad_1-14ada05_firmwareMatchfqcn19ww

AND

lenovoideapad_1-14ada05Match-

Node

lenovov130-15ikb_firmwareMatch-

AND

lenovov130-15ikbMatch-

Node

lenovo100e_2nd_gen_firmwareMatch-

AND

lenovo100e_2nd_genMatch-

Node

lenovo300e_2nd_gen_firmwareMatch-

AND

lenovo300e_2nd_genMatch-

Node

lenovoideapad_730-13iml_firmwareMatch-

AND

lenovoideapad_730-13imlMatch-

Node

lenovoideapad_flex_5-14alc05_firmwareMatch-

AND

lenovoideapad_flex_5-14alc05Match-

Node

lenovoideapad_flex_5-15alc05_firmwareMatch-

AND

lenovoideapad_flex_5-15alc05Match-

Node

lenovoideapad_1-11igl05_firmwareMatch-

AND

lenovoideapad_1-11igl05Match-

Node

lenovoideapad_1-14igl05_firmwareMatch-

AND

lenovoideapad_1-14igl05Match-

Node

lenovoideapad_s940-14iil_firmwareMatch-

AND

lenovoideapad_s940-14iilMatch-

Node

lenovoideapad_s940-14iwl_firmwareMatch-

AND

lenovoideapad_s940-14iwlMatch-

Node

lenovoideapad_slim_1-11ast-05_firmwareMatch-

AND

lenovoideapad_slim_1-11ast-05Match-

Node

lenovoideapad_slim_1-14ast-05_firmwareMatch-

AND

lenovoideapad_slim_1-14ast-05Match-

Node

lenovov130-15igm_firmwareMatch-

AND

lenovov130-15igmMatch-

Node

lenovov130-15ikb_firmwareMatch-

AND

lenovov130-15ikbMatch-

Node

lenovov330-15ikb_firmwareMatch-

AND

lenovov330-15ikbMatch-

Node

lenovov330-15isk_firmwareMatch-

AND

lenovov330-15iskMatch-

Node

lenovoideapad_yoga_c940-15irh_firmwareMatch-

AND

lenovoideapad_yoga_c940-15irhMatch-

Node

lenovoideapad_yoga_s730-13iml_firmwareMatch-

AND

lenovoideapad_yoga_s730-13imlMatch-

Node

lenovoideapad_yoga_s940-14iil_firmwareMatch-

AND

lenovoideapad_yoga_s940-14iilMatch-

Node

lenovoideapad_yoga_s940-14iwl_firmwareMatch-

AND

lenovoideapad_yoga_s940-14iwlMatch-

References

support.lenovo.com/us/en/product_security/LEN-65529

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.8%

JSON

Related for NVD:CVE-2021-3614

cvelist1 cve1 prion1 lenovo1