Attacker Value
Unknown
CVE-2021-3972
CVE-2021-3972
(Last updated October 07, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices’ BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
6.7 Medium
Impact Score:
5.9
Exploitability Score:
0.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
Products
- ideapad 3-14ada05 firmware,
- ideapad 3-14ada6 firmware,
- ideapad 3-14alc6 firmware,
- ideapad 3-14are05 firmware,
- ideapad 3-14igl05 firmware,
- ideapad 3-14iil05 firmware,
- ideapad 3-14iml05 firmware,
- ideapad 3-14itl05 firmware,
- ideapad 3-14itl6 firmware,
- ideapad 3-15ada05 firmware,
- ideapad 3-15ada6 firmware,
- ideapad 3-15alc6 firmware,
- ideapad 3-15are05 firmware,
- ideapad 3-15igl05 firmware,
- ideapad 3-15iil05 firmware,
- ideapad 3-15iml05 firmware,
- ideapad 3-15itl05 firmware,
- ideapad 3-15itl6 firmware,
- ideapad 3-17ada05 firmware,
- ideapad 3-17ada6 firmware,
- ideapad 3-17alc6 firmware,
- ideapad 3-17are05 firmware,
- ideapad 3-17iil05 firmware,
- ideapad 3-17iml05 firmware,
- ideapad 3-17itl6 firmware,
- ideapad 5-15are05 firmware,
- ideapad 5-15iil05 firmware,
- ideapad creator 5-15imh05 firmware,
- ideapad gaming 3-15arh05 firmware,
- ideapad gaming 3-15imh05 firmware,
- l3 15iml05 firmware,
- l3-15itl6 firmware,
- l340-15irh firmware,
- l340-15iwl firmware,
- l340-15iwl touch firmware,
- l340-17irh firmware,
- l340-17iwl firmware,
- legion 5 pro-16ach6 firmware,
- legion 5 pro-16ach6h firmware,
- legion 5 pro-16ith6 firmware,
- legion 5 pro-16ith6h firmware,
- legion 5-15ach6 firmware,
- legion 5-15ach6a firmware,
- legion 5-15ach6h firmware,
- legion 5-15imh6 firmware,
- legion 5-15ith6 firmware,
- legion 5-15ith6h firmware,
- legion 5-17ach6 firmware,
- legion 5-17ach6h firmware,
- legion 5-17ith6 firmware,
- legion 5-17ith6h firmware,
- legion 7-16achg6 firmware,
- legion 7-16ithg6 firmware,
- legion s7-15ach6 firmware,
- legion y540-15irh firmware,
- legion y540-15irh-pg0 firmware,
- legion y540-17irh firmware,
- legion y540-17irh-pg0 firmware,
- legion y545 firmware,
- legion y545-pg0 firmware,
- legion y7000-2019 firmware,
- legion y7000-2019-pg0 firmware,
- s14 g2 itl firmware,
- s145-14api firmware,
- s145-14ast firmware,
- s145-14igm firmware,
- s145-14iil firmware,
- s145-15api firmware,
- s145-15ast firmware,
- s145-15igm firmware,
- s145-15iil firmware,
- s540-13api firmware,
- s540-13iml firmware -,
- slim 7 pro-14ihu5 firmware -,
- slim 9-14itl05 firmware -,
- v14 g1-iml firmware,
- v14 g2-acl firmware,
- v14 g2-itl firmware,
- v14-ada firmware,
- v14-are firmware,
- v14-igl firmware,
- v14-iil firmware,
- v140-15iwl firmware,
- v15 g1-iml firmware,
- v15 g2-alc firmware,
- v15 g2-itl firmware,
- v15-ada firmware,
- v15-igl firmware,
- v15-iil firmware,
- v17 g2-itl firmware,
- v17-iil firmware,
- v340-17iwl firmware,
- yoga 7-14acn6 firmware,
- yoga c740-14iml firmware,
- yoga c740-15iml firmware,
- yoga c940-14iil firmware -,
- yoga slim 7 pro-14ach5 d firmware,
- yoga slim 7 pro-14ach5 firmware,
- yoga slim 7 pro-14ach5 o firmware,
- yoga slim 7 pro-14ach5 od firmware,
- yoga slim 7 pro-14arh5 firmware,
- yoga slim 7 pro-14ihu5 firmware -,
- yoga slim 7 pro-14ihu5 o firmware -,
- yoga slim 7 pro-14itl5 firmware -,
- yoga slim 9-14itl05 firmware -
References
