A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo ideapad 3-14ada05 firmware |
||
lenovo ideapad 3-14ada6 firmware |
||
lenovo ideapad 3-14alc6 firmware |
||
lenovo ideapad 3-14are05 firmware |
||
lenovo ideapad 3-15ada6 firmware |
||
lenovo ideapad 3-15alc6 firmware |
||
lenovo ideapad 3-15are05 firmware |
||
lenovo ideapad 3-15igl05 firmware |
||
lenovo ideapad 3-17ada05 firmware |
||
lenovo ideapad 3-17ada6 firmware |
||
lenovo ideapad 3-17alc6 firmware |
||
lenovo ideapad 3-17are05 firmware |
||
lenovo ideapad 3-17iil05 firmware |
||
lenovo ideapad 3-15ada05 firmware |
||
lenovo l3-15itl6 firmware |
||
lenovo l340-15irh firmware |
||
lenovo l340-15iwl firmware |
||
lenovo l340-15iwl touch firmware |
||
lenovo l340-17irh firmware |
||
lenovo l340-17iwl firmware |
||
lenovo legion 5 pro-16ach6 firmware |
||
lenovo legion 5 pro-16ach6h firmware |
||
lenovo legion 5 pro-16ith6 firmware |
||
lenovo legion 5 pro-16ith6h firmware |
||
lenovo legion 5-15ach6 firmware |
||
lenovo legion 5-15ach6a firmware |
||
lenovo legion 5-15ach6h firmware |
||
lenovo legion 5-15ith6 firmware |
||
lenovo legion 5-15ith6h firmware |
||
lenovo legion 5-17ach6 firmware |
||
lenovo legion 5-17ach6h firmware |
||
lenovo legion 5-17ith6 firmware |
||
lenovo legion 5-17ith6h firmware |
||
lenovo legion 7-16achg6 firmware |
||
lenovo legion 7-16ithg6 firmware |
||
lenovo legion y540-15irh firmware |
||
lenovo legion y540-15irh-pg0 firmware |
||
lenovo legion y540-17irh firmware |
||
lenovo legion y540-17irh-pg0 firmware |
||
lenovo legion y545 firmware |
||
lenovo legion y545-pg0 firmware |
||
lenovo legion y7000-2019 firmware |
||
lenovo legion y7000-2019-pg0 firmware |
||
lenovo s145-14api firmware |
||
lenovo s145-14ast firmware |
||
lenovo s145-14igm firmware |
||
lenovo s145-14iil firmware |
||
lenovo s145-15api firmware |
||
lenovo s145-15ast firmware |
||
lenovo s145-15igm firmware |
||
lenovo s145-15iil firmware |
||
lenovo s540-13api firmware |
||
lenovo v14 g2-acl firmware |
||
lenovo v14-ada firmware |
||
lenovo v14-are firmware |
||
lenovo v14-igl firmware |
||
lenovo v14-iil firmware |
||
lenovo v140-15iwl firmware |
||
lenovo v15 g2-alc firmware |
||
lenovo v15-ada firmware |
||
lenovo v15-igl firmware |
||
lenovo v15-iil firmware |
||
lenovo v17-iil firmware |
||
lenovo v340-17iwl firmware |
||
lenovo yoga slim 7 pro-14ach5 d firmware |
||
lenovo yoga slim 7 pro-14ach5 od firmware |
||
lenovo ideapad 3-14iil05 firmware |
||
lenovo ideapad 3-14igl05 firmware |
||
lenovo ideapad 3-15iil05 firmware |
||
lenovo ideapad 5-15are05 firmware |
||
lenovo ideapad creator 5-15imh05 firmware |
||
lenovo ideapad gaming 3-15arh05 firmware |
||
lenovo ideapad gaming 3-15imh05 firmware |
Get our weekly newsletter Firmware updates incoming in response to UEFI threats
Got a Lenovo laptop? You might need to do a swift bit of patching judging by the latest set of vulnerabilities uncovered by security researchers at ESET. Three vulnerabilities were reported today: CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972. The latter two are particularly embarrassing since they are related to UEFI firmware drivers used in the manufacturing process and can be used to disable SPI flash protections or the UEFI Secure Boot feature. "UEFI threats can be extremely stealthy and d...