PT-2021-21139 · Lenovo · Lenovo Smart Camera

Charles Jiang

Published

2021-08-17

Updated

2022-04-25

CVE-2021-3615

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Lenovo Smart Camera versions X3, X5, and C2E

Description: A reported issue could allow code execution if a specific file exists on the attached SD card.

Recommendations: For Lenovo Smart Camera X3, ensure the SD card does not contain the specific file that could trigger code execution. For Lenovo Smart Camera X5, verify that no vulnerable files are present on the attached SD card to prevent potential code execution. For Lenovo Smart Camera C2E, remove any potentially vulnerable files from the SD card to mitigate the risk of code execution.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2021-3615

Affected Products

Lenovo Smart Camera

PT-2021-21139 · Lenovo · Lenovo Smart Camera

CVE-2021-3615

Weakness Enumeration

Related Identifiers

Affected Products

References · 5