MEDIUM🇬🇧 English

CVE-2021-3599

CVSS 6.7v3.1pub. 2021-11-12upd. 2024-11-21

A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad 10

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 10 Firmware

    OS
    Lenovo
    < 2021-10-25
  • Lenovo Thinkpad S2 Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad S2 Gen 6 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad S2 Yoga Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad S2 Yoga Gen 6 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad T460p

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T460p Firmware

    OS
    Lenovo
    < 2021-10-29
  • Lenovo Thinkpad T460s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T460s Firmware

    OS
    Lenovo
    < n1cet84w
  • Lenovo Thinkpad T480

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T480 Firmware

    OS
    Lenovo
    < n24et65w
  • Lenovo Thinkpad T550

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T550 Firmware

    OS
    Lenovo
    < n11et54w
  • Lenovo Thinkpad T560

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T560 Firmware

    OS
    Lenovo
    < n1ket52w
  • Lenovo Thinkpad T570

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T570 Firmware

    OS
    Lenovo
    < n1vet57w
  • Lenovo Thinkpad T580

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T580 Firmware

    OS
    Lenovo
    < n27et43w
  • Lenovo Thinkpad T590

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T590 Firmware

    OS
    Lenovo
    < n2iet96w
  • Lenovo Thinkpad W550s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad W550s Firmware

    OS
    Lenovo
    < n11et54w
  • Lenovo Thinkpad X12 Detachable Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X12 Detachable Gen 1 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad X13 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X13 Gen 1 Firmware

    OS
    Lenovo
    < n2yet31w
  • Lenovo Thinkpad X13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X13 Gen 2 Firmware

    OS
    Lenovo
    < n35et41w
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2019-18619HIGH7.8ten sam produkt

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...

CVE-2018-16098HIGH7.8ten sam produkt

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics...

CVE-2017-3767HIGH7.8ten sam produkt

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...

CVE-2021-3599 — MEDIUM 6.7 | CVEbaza.pl