3 matches found
CVE-2021-3971
A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable...
Lenovo issues fixes for laptop backdoors
Researchers have discovered three vulnerabilities affecting various Lenovo consumer laptop models. The vulnerabilities were found in UEFI firmware drivers originally meant to be used only during the manufacturing process, along with a vulnerability in the SW SMI handler function. The list of...
New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops
Three high-impact Unified Extensible Firmware Interface UEFI security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and...