CVE-2021-3786 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
lenovo	CNA	4.4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 30%

Vendor	Product	Version
lenovo	thinkpad_x380_yoga_firmware	𝑥 < 2020-10-31
lenovo	thinkpad_x1_fold_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_yoga_260_firmware	𝑥 < 2021-10-25
lenovo	thinkpad_yoga_11e_3rd_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_yoga_370_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_x12_detachable_gen_1_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_yoga_11e_4th_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_yoga_11e_5th_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_x250_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_x260_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_x270_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_10_firmware	𝑥 < 2021-10-25
lenovo	thinkpad_s2_gen_6_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_t460p_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_s2_yoga_gen_6_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_x1_tablet_gen_3_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_t460_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_t14s_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_t470p_firmware	𝑥 < r0fet55w
lenovo	thinkpad_t470s_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_p71_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_t440p_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_t15p_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_t15g_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_s540_firmware	𝑥 < 2021-10-25
lenovo	thinkpad_l380_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_s5_2nd_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_p15v_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_p17_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_l580_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_p15_gen_1_firmware	𝑥 < 2021-10-29
lenovo	thinkpad_l590_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l380_yoga_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_l490_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l480_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l470_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l460_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e490_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l390_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_l390_yoga_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_e15_gen_3_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l14_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l13_gen_2_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_l15_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l15_gen_2_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l13_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_e14_gen_3_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e590_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e580_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l13_yoga_gen_2_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_e570_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_l13_yoga_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_11e_3rd_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_e480_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e14_firmware	𝑥 ≤ 2021-10-15
lenovo	thinkpad_e470_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e15_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e15_gen_2_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_e14_gen_2_firmware	𝑥 < 2021-10-15
lenovo	thinkpad_13_gen_2_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_11e_4th_gen_firmware	𝑥 < 2021-10-31
lenovo	thinkpad_11e_yoga_gen_6_firmware	𝑥 < 2021-10-31
lenovo	ideapad_s940-14iwl_firmware	𝑥 ≤ 12.0.81.1753
lenovo	ideapad_yoga_s940-14iwl_firmware	𝑥 ≤ 12.0.81.1753
lenovo	v330-15isk_firmware	𝑥 ≤ 11.8.86.3877
lenovo	v330-15ikb_firmware	𝑥 ≤ 11.8.86.3877
lenovo	v130-15igm_firmware	𝑥 ≤ 6vcn42ww

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

https://support.lenovo.com/us/en/product_security/LEN-67440