CVE-2021-3599

CVSS 6.7 MEDIUMEPSS 0.3%CWE-20

A potential vulnerability in the SMI callback function used to access flash device in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Lenovo · ThinkPad BIOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.lenovo.com/us/en/product_security/LEN-67440