Vulnerabilities > Lenovo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-17 | CVE-2021-3616 | Unspecified vulnerability in Lenovo products A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. | 9.8 |
| 2021-08-17 | CVE-2021-3617 | Command Injection vulnerability in Lenovo products A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. | 7.2 |
| 2021-08-17 | CVE-2021-3633 | Uncontrolled Search Path Element vulnerability in Lenovo Drivers Management 2.7.1128.1046 A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation. | 7.8 |
| 2021-07-16 | CVE-2021-3452 | Unspecified vulnerability in Lenovo Bios A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code. | 6.7 |
| 2021-07-16 | CVE-2021-3453 | Unspecified vulnerability in Lenovo products Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage. low complexity lenovo | 4.6 |
| 2021-07-16 | CVE-2021-3550 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation. | 7.8 |
| 2021-07-16 | CVE-2021-3614 | Unspecified vulnerability in Lenovo products A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage. low complexity lenovo | 6.8 |
| 2021-04-27 | CVE-2021-3464 | Uncontrolled Search Path Element vulnerability in Lenovo Pcmanager A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privilege escalation. | 7.8 |
| 2021-04-27 | CVE-2021-3451 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow configuration files to be written to non-standard locations. | 5.5 |
| 2021-04-13 | CVE-2021-3473 | Cleartext Storage of Sensitive Information vulnerability in Lenovo Xclarity Controller An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. | 4.9 |