MEDIUM🇵🇱 Wersja polska

CVE-2021-3786

CVSS 4.4v3.1pub. 2021-11-12upd. 2024-11-21

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • Lenovo Thinkpad 10

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 10 Firmware

    OS
    Lenovo
    < 2021-10-25
  • Lenovo Thinkpad S2 Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad S2 Gen 6 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad S2 Yoga Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad S2 Yoga Gen 6 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad T460p

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T460p Firmware

    OS
    Lenovo
    < 2021-10-29
  • Lenovo Thinkpad T460s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T460s Firmware

    OS
    Lenovo
    < n1cet84w
  • Lenovo Thinkpad T480

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T480 Firmware

    OS
    Lenovo
    < n24et65w
  • Lenovo Thinkpad T550

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T550 Firmware

    OS
    Lenovo
    < n11et54w
  • Lenovo Thinkpad T560

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T560 Firmware

    OS
    Lenovo
    < n1ket52w
  • Lenovo Thinkpad T570

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T570 Firmware

    OS
    Lenovo
    < n1vet57w
  • Lenovo Thinkpad T580

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T580 Firmware

    OS
    Lenovo
    < n27et43w
  • Lenovo Thinkpad T590

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad T590 Firmware

    OS
    Lenovo
    < n2iet96w
  • Lenovo Thinkpad W550s

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad W550s Firmware

    OS
    Lenovo
    < n11et54w
  • Lenovo Thinkpad X12 Detachable Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X12 Detachable Gen 1 Firmware

    OS
    Lenovo
    < 2021-10-31
  • Lenovo Thinkpad X13 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X13 Gen 1 Firmware

    OS
    Lenovo
    < n2yet31w
  • Lenovo Thinkpad X13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad X13 Gen 2 Firmware

    OS
    Lenovo
    < n35et41w
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-18619HIGH7.8ten sam produkt

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all ver...

CVE-2018-16098HIGH7.8ten sam produkt

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics...

CVE-2017-3767HIGH7.8ten sam produkt

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...