MEDIUM🇵🇱 Wersja polska

CVE-2021-3843

CVSS 6.7v3.1pub. 2021-11-12upd. 2024-11-21

A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Lenovo Thinkpad 11e 3rd Gen

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 3rd Gen Firmware

    OS
    Lenovo
    ≤ 1.22≤ 1.29
  • Lenovo Thinkpad 11e 4th Gen Celeron

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen Celeron Firmware

    OS
    Lenovo
    ≤ 1.27
  • Lenovo Thinkpad 11e 4th Gen I3

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I3 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 4th Gen I5

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I5 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 4th Gen I7

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 4th Gen I7 Firmware

    OS
    Lenovo
    ≤ 1.22
  • Lenovo Thinkpad 11e 5th Gen

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e 5th Gen Firmware

    OS
    Lenovo
    ≤ 1.13
  • Lenovo Thinkpad 11e Yoga Gen 6

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 11e Yoga Gen 6 Firmware

    OS
    Lenovo
    ≤ 1.12
  • Lenovo Thinkpad 13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad 13 Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.29
  • Lenovo Thinkpad L13

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Firmware

    OS
    Lenovo
    ≤ 1.31
  • Lenovo Thinkpad L13 Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.11≤ 1.08
  • Lenovo Thinkpad L13 Yoga

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Firmware

    OS
    Lenovo
    ≤ 1.31
  • Lenovo Thinkpad L13 Yoga Gen 2

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L13 Yoga Gen 2 Firmware

    OS
    Lenovo
    ≤ 1.08≤ 1.11
  • Lenovo Thinkpad L14

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Firmware

    OS
    Lenovo
    < 1.20.1.17
  • Lenovo Thinkpad L14 Gen 1

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L14 Gen 1 Firmware

    OS
    Lenovo
    < 1.15
  • Lenovo Thinkpad L15

    HW
    Lenovo
    wszystkie wersje
  • Lenovo Thinkpad L15 Firmware

    OS
    Lenovo
    < 1.20.1.17
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2017-3767HIGH7.8ten sam produkt

A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1....

CVE-2023-5078MEDIUM6.7ten sam produkt

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated...

CVE-2022-4574MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker wit...

CVE-2022-4573MEDIUM6.7ten sam produkt

An SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with loca...

CVE-2022-4575MEDIUM6.7ten sam produkt

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad ...