CVE-2021-3453
 
Severity Score
4.6
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
Algunos sistemas de portátiles, ThinkPad y ordenadores de sobremesa de Lenovo presentan módulos BIOS desprotegidos por Intel Boot Guard que podrían permitir a un atacante con acceso físico la habilidad de escribir en el almacenamiento flash SPI
*Credits:
Lenovo thanks Binarly efiXplorer team for reporting these issues.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-03-19 CVE Reserved
- 2021-07-16 CVE Published
- 2024-03-31 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-693: Protection Mechanism Failure
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://support.lenovo.com/us/en/product_security/LEN-65529 | 2021-07-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Lenovo Search vendor "Lenovo" | Thinkpad Helix Firmware Search vendor "Lenovo" for product "Thinkpad Helix Firmware" | n17etb4w Search vendor "Lenovo" for product "Thinkpad Helix Firmware" and version "n17etb4w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad Helix Search vendor "Lenovo" for product "Thinkpad Helix" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Thinkpad T550 Firmware Search vendor "Lenovo" for product "Thinkpad T550 Firmware" | n11et53w Search vendor "Lenovo" for product "Thinkpad T550 Firmware" and version "n11et53w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad T550 Search vendor "Lenovo" for product "Thinkpad T550" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Thinkpad W550s Firmware Search vendor "Lenovo" for product "Thinkpad W550s Firmware" | n11et53w Search vendor "Lenovo" for product "Thinkpad W550s Firmware" and version "n11et53w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad W550s Search vendor "Lenovo" for product "Thinkpad W550s" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Thinkpad X1 Carbon 3rd Gen Firmware Search vendor "Lenovo" for product "Thinkpad X1 Carbon 3rd Gen Firmware" | n14et55w Search vendor "Lenovo" for product "Thinkpad X1 Carbon 3rd Gen Firmware" and version "n14et55w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad X1 Carbon 3rd Gen Search vendor "Lenovo" for product "Thinkpad X1 Carbon 3rd Gen" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Thinkpad X250 Firmware Search vendor "Lenovo" for product "Thinkpad X250 Firmware" | n10et62w Search vendor "Lenovo" for product "Thinkpad X250 Firmware" and version "n10et62w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad X250 Search vendor "Lenovo" for product "Thinkpad X250" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Thinkpad Yoga 15 Firmware Search vendor "Lenovo" for product "Thinkpad Yoga 15 Firmware" | n19et65w Search vendor "Lenovo" for product "Thinkpad Yoga 15 Firmware" and version "n19et65w" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkpad Yoga 15 Search vendor "Lenovo" for product "Thinkpad Yoga 15" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | 730s-13iml Firmware Search vendor "Lenovo" for product "730s-13iml Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | 730s-13iml Search vendor "Lenovo" for product "730s-13iml" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad 1-11igl05 Firmware Search vendor "Lenovo" for product "Ideapad 1-11igl05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad 1-11igl05 Search vendor "Lenovo" for product "Ideapad 1-11igl05" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad 1-14igl05 Firmware Search vendor "Lenovo" for product "Ideapad 1-14igl05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad 1-14igl05 Search vendor "Lenovo" for product "Ideapad 1-14igl05" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad S940-14iil Firmware Search vendor "Lenovo" for product "Ideapad S940-14iil Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad S940-14iil Search vendor "Lenovo" for product "Ideapad S940-14iil" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad S940-14iwl Firmware Search vendor "Lenovo" for product "Ideapad S940-14iwl Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad S940-14iwl Search vendor "Lenovo" for product "Ideapad S940-14iwl" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad Slim 1-11ast-05 Firmware Search vendor "Lenovo" for product "Ideapad Slim 1-11ast-05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad Slim 1-11ast-05 Search vendor "Lenovo" for product "Ideapad Slim 1-11ast-05" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideapad Slim 1-14ast-05 Firmware Search vendor "Lenovo" for product "Ideapad Slim 1-14ast-05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideapad Slim 1-14ast-05 Search vendor "Lenovo" for product "Ideapad Slim 1-14ast-05" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | V130-15igm Firmware Search vendor "Lenovo" for product "V130-15igm Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V130-15igm Search vendor "Lenovo" for product "V130-15igm" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | V330-15ikb Firmware Search vendor "Lenovo" for product "V330-15ikb Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V330-15ikb Search vendor "Lenovo" for product "V330-15ikb" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | V330-15isk Firmware Search vendor "Lenovo" for product "V330-15isk Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V330-15isk Search vendor "Lenovo" for product "V330-15isk" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Yoga S730-13iml Firmware Search vendor "Lenovo" for product "Yoga S730-13iml Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Yoga S730-13iml Search vendor "Lenovo" for product "Yoga S730-13iml" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Yoga S940-14iil Firmware Search vendor "Lenovo" for product "Yoga S940-14iil Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Yoga S940-14iil Search vendor "Lenovo" for product "Yoga S940-14iil" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Yoga S940-14iwl Firmware Search vendor "Lenovo" for product "Yoga S940-14iwl Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Yoga S940-14iwl Search vendor "Lenovo" for product "Yoga S940-14iwl" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideacentre Aio 5-24imb05 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 5-24imb05 Firmware" | < 2021-09-30 Search vendor "Lenovo" for product "Ideacentre Aio 5-24imb05 Firmware" and version " < 2021-09-30" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 5-24imb05 Search vendor "Lenovo" for product "Ideacentre Aio 5-24imb05" | - | - |
Safe
|
Lenovo Search vendor "Lenovo" | Ideacentre Aio 5-74imb05 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 5-74imb05 Firmware" | < 2021-09-30 Search vendor "Lenovo" for product "Ideacentre Aio 5-74imb05 Firmware" and version " < 2021-09-30" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 5-74imb05 Search vendor "Lenovo" for product "Ideacentre Aio 5-74imb05" | - | - |
Safe
|