PT-2021-20828 · Lenovo · Lenovo Desktop

Published

2021-11-12

Updated

2021-11-19

CVE-2021-3519

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Lenovo Desktop models (affected versions not specified)

Description: A vulnerability was reported that could allow unauthorized access to the boot menu when the BIOS Password At Boot Device List BIOS setting is set to Yes.

Recommendations: For the affected Lenovo Desktop models, change the BIOS Password At Boot Device List BIOS setting to No to prevent unauthorized access to the boot menu. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2021-3519

Affected Products

Lenovo Desktop

PT-2021-20828 · Lenovo · Lenovo Desktop

CVE-2021-3519

Weakness Enumeration

Related Identifiers

Affected Products

References · 3