CVE-2017-3740

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
lenovoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
lenovoactive_protection_system
1.00b:b
lenovoactive_protection_system
1.01b:b
lenovoactive_protection_system
1.20b:b
lenovoactive_protection_system
1.21
lenovoactive_protection_system
1.22
lenovoactive_protection_system
1.23
lenovoactive_protection_system
1.30b:b
lenovoactive_protection_system
1.31
lenovoactive_protection_system
1.32
lenovoactive_protection_system
1.33b:b
lenovoactive_protection_system
1.34
lenovoactive_protection_system
1.40
lenovoactive_protection_system
1.41
lenovoactive_protection_system
1.50
lenovoactive_protection_system
1.51
lenovoactive_protection_system
1.52
lenovoactive_protection_system
1.53
lenovoactive_protection_system
1.54
lenovoactive_protection_system
1.61
lenovoactive_protection_system
1.62
lenovoactive_protection_system
1.63
lenovoactive_protection_system
1.64
lenovoactive_protection_system
1.70
lenovoactive_protection_system
1.71
lenovoactive_protection_system
1.72
lenovoactive_protection_system
1.73
lenovoactive_protection_system
1.74
lenovoactive_protection_system
1.75
lenovoactive_protection_system
1.76
lenovoactive_protection_system
1.77.0.5
lenovoactive_protection_system
1.77.0.7
lenovoactive_protection_system
1.77.0.8
lenovoactive_protection_system
1.77.0.9
lenovoactive_protection_system
1.77.0.11
lenovoactive_protection_system
1.77.0.20
lenovoactive_protection_system
1.77.0.26
lenovoactive_protection_system
1.78.0.09
lenovoactive_protection_system
1.78.0.10
lenovoactive_protection_system
1.78.0.11
lenovoactive_protection_system
1.79.0.03
lenovoactive_protection_system
1.80.1.00
lenovoactive_protection_system
1.80.3.00
lenovoactive_protection_system
1.80.8.00
lenovoactive_protection_system
1.80.11.00
lenovoactive_protection_system
1.81.0.08
lenovoactive_protection_system
1.82.0.03
lenovoactive_protection_system
1.82.0.06
lenovoactive_protection_system
1.82.0.07
lenovoactive_protection_system
1.82.0.10
𝑥
= Vulnerable software versions
References
https://support.lenovo.com/us/en/product_security/LEN-13637
https://support.lenovo.com/us/en/product_security/LEN-13637