Lenovo Notebook BIOS Vulnerabilities

Staff

Summary Description:

The following vulnerabilities were reported in Lenovo Notebook BIOS.

CVE-2021-3970: A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVE-2021-3971: A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify firmware protection region by modifying an NVRAM variable.

CVE-2021-3972: A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update system firmware to the version (or newer) indicated for your model in the Product Impact section.

Read more:

Lenovo Notebook BIOS Vulnerabilities - Lenovo Support RO

support.lenovo.com

Click to expand...

Haydon

Well-known member

Power User

VIP

Apr 20, 2022

#2

Updated my laptop via Lenovo Vantage > sigh of relief, everything was up to date already and the confirmation was so easy, quick, and effortless, OEM utilities can be useful

My Computer

System One

OS

Windows 10 Pro

You must log in or register to reply here.

Similar threads

Article

Microsoft releases workaround for CVE-2022-0001 Specter Security Vulnerability

2

Replies: 38

Views: 4K

Saturday at 7:16 PM

Marcus Vinicus

Article

Revoking vulnerable Windows boot managers

Replies: 8

Views: 711

Yesterday at 9:21 AM

glasskuter

Article

Windows and Linux devices vulnerable to new LogoFAIL firmware attack

Replies: 17

Views: 3K

Dec 8, 2023

Fabler2

Article

AMD Note About Potential Speculative Return Stack Overflow (SRSO) Vulnerability

Replies: 0

Views: 214

Wednesday at 9:28 AM

Brink

Article

Microsoft FAQ and guidance for XZ Utils backdoor vulnerability in Linux distributions

Replies: 0

Views: 439

Apr 2, 2024

Brink

Completely Disable and Remove Copilot in Windows 11

This tutorial will show you how to completely disable the Windows Copilot feature and remove Copilot from the taskbar, Windows Search, and Microsoft Edge...
Brink

Mar 7, 2024
Enable or Disable Sudo Command in Windows 11

This tutorial will show you how to enable or disable the Sudo command for all users in Windows 11. Starting with Windows 11 build 26052 (Canary and Dev)...
Brink

Feb 8, 2024
Enable or Disable Feeds on Widgets Board in Windows 11

This tutorial will show you how to enable or disable news feeds on the widgets board for your account in Windows 11. Widgets are small windows that display...
Brink

Dec 4, 2023
Use ViVeTool to Enable or Disable Hidden Features in Windows 11

This tutorial will show you how to use ViVeTool to enable or disable hidden features in Windows 10 and Windows 11. ViVeTool is an open source tool that can...
Brink

Dec 1, 2023
Always or Never Combine Taskbar buttons and Hide Labels in Windows 11

This tutorial will show you how to always, when the taskbar is full, or never combine taskbar buttons and hide labels for your account, specific users, or...
Brink

May 24, 2023
Disable Modern Standby in Windows 10 and Windows 11

This tutorial will show you how to disable Modern Standby (S0 Low Power Idle) to enable S3 support on a Windows 10 and Windows 11 device. In Windows 10 and...
Brink

Jan 11, 2022
Disable "Show more options" context menu in Windows 11

This tutorial will show you how to enable or disable having to click on "Show more options" to see the full context menu for your account or all users in...
Brink

Oct 4, 2021
Download Official Windows 11 ISO file from Microsoft

This tutorial will show you how to download an official Windows 11 ISO file from Microsoft. Microsoft provides ISO files for Windows 11 to download. You...
Brink

Aug 19, 2021
Restore Classic File Explorer with Ribbon in Windows 11

This tutorial will show you how to restore the classic File Explorer with Ribbon for your account or all users in Windows 11. File Explorer in Windows 10...
Brink

Jul 19, 2021
Repair Install Windows 11 with an In-place Upgrade

This tutorial will show you how to do a repair install of Windows 11 by performing an in-place upgrade without losing anything. If you need to repair or...
Brink

Jul 5, 2021
Enable or Disable Windows Sandbox in Windows 11

This tutorial will show you how to enable or disable the Windows Sandbox feature for all users in Windows 11 Pro, Enterprise, or Education. Windows Sandbox...
Brink

Jun 30, 2021
Clean Install Windows 11

This tutorial will show you step by step on how to clean install Windows 11 at boot on your PC with or without an Internet connection and setup with a local...
Brink

Jun 22, 2021