PT-2021-20534 · Lenovo · Lenovo Notebook+2
Published
2021-07-16
·
Updated
2021-07-30
·
CVE-2021-3453
CVSS v3.1
6.8
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Lenovo Notebook, ThinkPad, and Lenovo Desktop systems (affected versions not specified)
Description:
The issue affects certain Lenovo systems, including Notebooks, ThinkPads, and Desktops, where BIOS modules are not protected by Intel Boot Guard. This could allow an attacker with physical access to write to the SPI flash storage.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Protection Mechanism Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lenovo Desktop
Lenovo Notebook
Thinkpad