Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2022/04/22 9:15 p.m.2 views

CVE-2021-3970

A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code...

7.2CVSS7.2AI score0.01315EPSS
Exploits0References2
CVE
CVE
added 2022/04/22 8:30 p.m.96 views

CVE-2021-3970

CVE-2021-3970 applies to Lenovo notebook firmware. The issue is a memory corruption in the LenovoVariable SMI Handler caused by insufficient validation, potentially allowing a local attacker with elevated privileges to execute arbitrary code in BIOS/SMM. Lenovo and advisories note affected models...

7.2CVSS6.8AI score0.01315EPSS
Exploits0References1Affected Software1
Malwarebytes
Malwarebytes
added 2022/04/21 3:11 p.m.98 views

Lenovo issues fixes for laptop backdoors

Researchers have discovered three vulnerabilities affecting various Lenovo consumer laptop models. The vulnerabilities were found in UEFI firmware drivers originally meant to be used only during the manufacturing process, along with a vulnerability in the SW SMI handler function. The list of...

1AI score0.02999EPSS
Exploits1
The Hacker News
The Hacker News
added 2022/04/19 12:31 p.m.66 views

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

Three high-impact Unified Extensible Firmware Interface UEFI security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and...

7.2CVSS1.3AI score0.02999EPSS
Exploits1
Rows per page
Query Builder