CVE-2021-3843
EUVD-2021-2708612.11.2021, 22:15
A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| lenovo | thinkpad_11e_3rd_gen_firmware | 𝑥 ≤ 1.22 |
| lenovo | thinkpad_11e_3rd_gen_firmware | 𝑥 ≤ 1.29 |
| lenovo | thinkpad_11e_4th_gen_i3_firmware | 𝑥 ≤ 1.22 |
| lenovo | thinkpad_11e_4th_gen_i7_firmware | 𝑥 ≤ 1.22 |
| lenovo | thinkpad_11e_4th_gen_i5_firmware | 𝑥 ≤ 1.22 |
| lenovo | thinkpad_11e_4th_gen_celeron_firmware | 𝑥 ≤ 1.27 |
| lenovo | thinkpad_11e_yoga_gen_6_firmware | 𝑥 ≤ 1.12 |
| lenovo | thinkpad_13_gen_2_firmware | 𝑥 ≤ 1.29 |
| lenovo | thinkpad_l13_firmware | 𝑥 ≤ 1.31 |
| lenovo | thinkpad_l13_gen_2_firmware | 𝑥 ≤ 1.11 |
| lenovo | thinkpad_l13_gen_2_firmware | 𝑥 ≤ 1.08 |
| lenovo | thinkpad_l13_yoga_firmware | 𝑥 ≤ 1.31 |
| lenovo | thinkpad_l13_yoga_gen_2_firmware | 𝑥 ≤ 1.11 |
| lenovo | thinkpad_l13_yoga_gen_2_firmware | 𝑥 ≤ 1.08 |
| lenovo | thinkpad_l14_gen_1_firmware | 𝑥 < 1.15 |
| lenovo | thinkpad_l14_firmware | 𝑥 < 1.20.1.17 |
| lenovo | thinkpad_l15_gen_1_firmware | 𝑥 < 1.15 |
| lenovo | thinkpad_l15_firmware | 𝑥 < 1.20.1.17 |
| lenovo | thinkpad_l380_firmware | 𝑥 ≤ 1.26 |
| lenovo | thinkpad_l380_yoga_firmware | 𝑥 ≤ 1.26 |
| lenovo | thinkpad_l390_yoga_firmware | 𝑥 ≤ 1.35 |
| lenovo | thinkpad_l390_firmware | 𝑥 ≤ 1.35 |
| lenovo | thinkpad_s5_2nd_gen_firmware | 𝑥 ≤ 1.28 |
| lenovo | thinkpad_t460_firmware | 𝑥 ≤ 1.43.1.11 |
| lenovo | thinkpad_s2_gen_6_firmware | 𝑥 ≤ 2021-09-30 |
| lenovo | thinkpad_s2_yoga_gen_6_firmware | 𝑥 ≤ 2021-09-30 |
| lenovo | thinkpad_x12_detachable_gen_1_firmware | 𝑥 < 1.16 |
| lenovo | thinkpad_x260_firmware | 𝑥 ≤ 1.47\/1.15 |
| lenovo | thinkpad_x380_yoga_firmware | 𝑥 ≤ 1.34 |
| lenovo | thinkpad_11e_5th_gen_firmware | 𝑥 ≤ 1.13 |
| lenovo | thinkpad_11e_5th_gen_firmware | 𝑥 ≤ 1.13 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration