CVE-2021-4210
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Una posible vulnerabilidad en la función de devolución de llamada SMI usada en el controlador NVME en algunos modelos Lenovo Desktop, ThinkStation y ThinkEdge puede permitir a un atacante con acceso local y altos privilegios ejecutar código arbitrario
*Credits:
Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-01-24 CVE Reserved
- 2022-04-22 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-77639 | 2022-08-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Lenovo Search vendor "Lenovo" | Stadia Ggp-120 Firmware Search vendor "Lenovo" for product "Stadia Ggp-120 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Stadia Ggp-120 Search vendor "Lenovo" for product "Stadia Ggp-120" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkedge Se30 Firmware Search vendor "Lenovo" for product "Thinkedge Se30 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkedge Se30 Search vendor "Lenovo" for product "Thinkedge Se30" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V540-24iwl Firmware Search vendor "Lenovo" for product "V540-24iwl Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V540-24iwl Search vendor "Lenovo" for product "V540-24iwl" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P520 Firmware Search vendor "Lenovo" for product "Thinkstation P520 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P520 Search vendor "Lenovo" for product "Thinkstation P520" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P310 Firmware Search vendor "Lenovo" for product "Thinkstation P310 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P310 Search vendor "Lenovo" for product "Thinkstation P310" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V50t-13imb Firmware Search vendor "Lenovo" for product "V50t-13imb Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V50t-13imb Search vendor "Lenovo" for product "V50t-13imb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkstation P520c Firmware Search vendor "Lenovo" for product "Thinkstation P520c Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkstation P520c Search vendor "Lenovo" for product "Thinkstation P520c" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | A540-27icb Firmware Search vendor "Lenovo" for product "A540-27icb Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | A540-27icb Search vendor "Lenovo" for product "A540-27icb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | A540-24icb Firmware Search vendor "Lenovo" for product "A540-24icb Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | A540-24icb Search vendor "Lenovo" for product "A540-24icb" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre G5-14imb05 Firmware Search vendor "Lenovo" for product "Ideacentre G5-14imb05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre G5-14imb05 Search vendor "Lenovo" for product "Ideacentre G5-14imb05" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | V410z Firmware Search vendor "Lenovo" for product "V410z Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | V410z Search vendor "Lenovo" for product "V410z" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M910z Firmware Search vendor "Lenovo" for product "Thinkcentre M910z Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M910z Search vendor "Lenovo" for product "Thinkcentre M910z" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M70a Firmware Search vendor "Lenovo" for product "Thinkcentre M70a Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M70a Search vendor "Lenovo" for product "Thinkcentre M70a" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M75n Firmware Search vendor "Lenovo" for product "Thinkcentre M75n Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M75n Search vendor "Lenovo" for product "Thinkcentre M75n" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre X1 Firmware Search vendor "Lenovo" for product "Thinkcentre X1 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre X1 Search vendor "Lenovo" for product "Thinkcentre X1" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M900 Firmware Search vendor "Lenovo" for product "Thinkcentre M900 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M900 Search vendor "Lenovo" for product "Thinkcentre M900" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M810z Firmware Search vendor "Lenovo" for product "Thinkcentre M810z Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M810z Search vendor "Lenovo" for product "Thinkcentre M810z" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M90a Gen2 Firmware Search vendor "Lenovo" for product "Thinkcentre M90a Gen2 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M90a Gen2 Search vendor "Lenovo" for product "Thinkcentre M90a Gen2" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M820z Firmware Search vendor "Lenovo" for product "Thinkcentre M820z Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M820z Search vendor "Lenovo" for product "Thinkcentre M820z" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-27itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-27itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-27itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-24itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M900x Firmware Search vendor "Lenovo" for product "Thinkcentre M900x Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M900x Search vendor "Lenovo" for product "Thinkcentre M900x" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M800 Firmware Search vendor "Lenovo" for product "Thinkcentre M800 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M800 Search vendor "Lenovo" for product "Thinkcentre M800" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24iil5 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-24iil5 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24iil5 Search vendor "Lenovo" for product "Ideacentre Aio 3-24iil5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M700 Firmware Search vendor "Lenovo" for product "Thinkcentre M700 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M700 Search vendor "Lenovo" for product "Thinkcentre M700" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Thinkcentre M700 Tiny Firmware Search vendor "Lenovo" for product "Thinkcentre M700 Tiny Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Thinkcentre M700 Tiny Search vendor "Lenovo" for product "Thinkcentre M700 Tiny" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24ada6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-24ada6 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-24ada6 Search vendor "Lenovo" for product "Ideacentre Aio 3-24ada6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22itl6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22itl6 Search vendor "Lenovo" for product "Ideacentre Aio 3-22itl6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22iil5 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-22iil5 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22iil5 Search vendor "Lenovo" for product "Ideacentre Aio 3-22iil5" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22ada6 Firmware Search vendor "Lenovo" for product "Ideacentre Aio 3-22ada6 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre Aio 3-22ada6 Search vendor "Lenovo" for product "Ideacentre Aio 3-22ada6" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre 5-14imb05 Firmware Search vendor "Lenovo" for product "Ideacentre 5-14imb05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre 5-14imb05 Search vendor "Lenovo" for product "Ideacentre 5-14imb05" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Ideacentre C5-14imb05 Firmware Search vendor "Lenovo" for product "Ideacentre C5-14imb05 Firmware" | - | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Ideacentre C5-14imb05 Search vendor "Lenovo" for product "Ideacentre C5-14imb05" | - | - |
Safe
|