CVE-2021-3616

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.4 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
lenovoCNA
9.4 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
lenovosmart_camera_c2e_firmware
𝑥
< 01.03.29.16
lenovosmart_camera_x3_firmware
𝑥
< 01.03.29.16
lenovosmart_camera_x5_firmware
𝑥
< 01.03.29.16
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://iknow.lenovo.com.cn/detail/dc_198417.html
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651
https://iknow.lenovo.com.cn/detail/dc_198417.html
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651