Vulnerabilities > CVE-2021-3719 - Unspecified vulnerability in Lenovo products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

lenovo

NVD

Published: 2021-11-12

Updated: 2021-11-19

Summary

A potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
OS	Lenovo Lenovo Thinkcentre E93 Firmware - Lenovo Thinkcentre E93 Firmware Fbktc5A Lenovo Thinkcentre E93 Firmware Fbktdba Lenovo Thinkcentre E93 Firmware Fbktdea Lenovo Thinkcentre M600 Firmware - Lenovo Thinkcentre M600 Firmware M00Kt44A Lenovo Thinkcentre M700 Tiny Firmware * Lenovo Thinkcentre M73 Firmware - Lenovo Thinkcentre M73 Firmware Fckt78A Lenovo Thinkcentre M73P Firmware - Lenovo Thinkcentre M73P Firmware Fbktc5A Lenovo Thinkcentre M73P Firmware Fbktd5A Lenovo Thinkcentre M73P Firmware Fbktdba Lenovo Thinkcentre M800 Firmware - Lenovo Thinkcentre M800 Firmware Fwkt9Aa Lenovo Thinkcentre M800 Firmware Fwkt39A Lenovo Thinkcentre M818Z Firmware - Lenovo Thinkcentre M818Z Firmware 6.0.1.8642 Lenovo Thinkcentre M83 Firmware - Lenovo Thinkcentre M83 Firmware Fbktcga Lenovo Thinkcentre M83 Firmware Fbktdba Lenovo Thinkcentre M900 Firmware - Lenovo Thinkcentre M900 Firmware Fwkt9Aa Lenovo Thinkcentre M900 Firmware Fwkt39A Lenovo Thinkcentre M900X Firmware * Lenovo Thinkcentre M93 Firmware - Lenovo Thinkcentre M93 Firmware Fbktc5A Lenovo Thinkcentre M93 Firmware Fbktd5A Lenovo Thinkcentre M93 Firmware Fbktdba Lenovo Thinkcentre M93P Firmware - Lenovo Thinkcentre M93P Firmware Fbktc5A Lenovo Thinkcentre M93P Firmware Fbktdba Lenovo Thinkcentre M4500Q Firmware - Lenovo Thinkcentre M4500Q Firmware Fhkt66A Lenovo Thinkcentre M4500Q Firmware Fhkt85A Lenovo Thinkcentre M6500T/S Firmware Fbktc5A Lenovo Thinkcentre M8500T/S Firmware Fbktc5A Lenovo Thinkcentre X1 Firmware * Lenovo Thinkstation P300 Firmware - Lenovo Thinkstation P300 Firmware A2Kt70A Lenovo Thinkstation P300 Firmware Fbktc6A Lenovo Thinkstation P300 Firmware Fbktd5A Lenovo Thinkstation P300 Firmware Fbktdba Lenovo Thinkstation P500 Firmware - Lenovo Thinkstation P500 Firmware 2-27-2020 Lenovo Thinkstation P500 Firmware A4Kt67A Lenovo Thinkstation P500 Firmware A4Kt86A Lenovo Thinkstation P700 Firmware - Lenovo Thinkstation P700 Firmware 2-27-2020 Lenovo Thinkstation P700 Firmware A5Kt86A Lenovo Thinkstation P700 Firmware A5Kta7A Lenovo Thinkstation P900 Firmware - Lenovo Thinkstation P900 Firmware A6Kt86A Lenovo Thinkstation P900 Firmware A6Kta7A	54
Hardware	Lenovo Lenovo Thinkcentre E93 - Lenovo Thinkcentre M600 - Lenovo Thinkcentre M700 Tiny - Lenovo Thinkcentre M73 - Lenovo Thinkcentre M73P - Lenovo Thinkcentre M800 - Lenovo Thinkcentre M818Z - Lenovo Thinkcentre M83 - Lenovo Thinkcentre M900 - Lenovo Thinkcentre M900X - Lenovo Thinkcentre M93 - Lenovo Thinkcentre M93P - Lenovo Thinkcentre M4500Q - Lenovo Thinkcentre M6500T/S - Lenovo Thinkcentre M8500T/S - Lenovo Thinkcentre X1 - Lenovo Thinkstation P300 - Lenovo Thinkstation P500 - Lenovo Thinkstation P700 - Lenovo Thinkstation P900 -	20

References

https://support.lenovo.com/us/en/product_security/LEN-67440