2 matches found
CVE-2021-3970
A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code...
CVE-2021-3970
CVE-2021-3970 applies to Lenovo notebook firmware. The issue is a memory corruption in the LenovoVariable SMI Handler caused by insufficient validation, potentially allowing a local attacker with elevated privileges to execute arbitrary code in BIOS/SMM. Lenovo and advisories note affected models...