MEDIUM🇬🇧 English

CVE-2021-3843

CVSS 6.7v3.1pub. 2021-11-12upd. 2024-11-21

A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad 11e 3rd Gen

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 3rd Gen Firmware

    OS
    Lenovo
    ≤ 1.22≤ 1.29
  • Lenovo Thinkpad 11e 4th Gen Celeron

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen Celeron Firmware

    OS
    Lenovo
    ≤ 1.27
  • Lenovo Thinkpad 11e 4th Gen I3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I3 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 4th Gen I5

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I5 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 4th Gen I7

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I7 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 5th Gen

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 5th Gen Firmware

    OS
    Lenovo
    ≤ 1.13
  • Lenovo Thinkpad 11e Yoga Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e Yoga Gen 6 Firmware

    OS
    Lenovo
    ≤ 1.12
  • Lenovo Thinkpad 13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 13 Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.29
  • Lenovo Thinkpad L13

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Firmware

    OS
    Lenovo
    ≤ 1.31
  • Lenovo Thinkpad L13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.11≤ 1.08
  • Lenovo Thinkpad L13 Yoga

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Firmware

    OS
    Lenovo
    ≤ 1.31
  • Lenovo Thinkpad L13 Yoga Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.08≤ 1.11
  • Lenovo Thinkpad L14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Firmware

    OS
    Lenovo
    < 1.20.1.17
  • Lenovo Thinkpad L14 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Gen 1 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad L15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Firmware

    OS
    Lenovo
    < 1.20.1.17
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-3767HIGH7.8ten sam produkt

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4574MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...

CVE-2022-4575MEDIUM6.7ten sam produkt

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad ...