CVE-2017-3740

Published: Jun 4, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.

Affected (49)

Products: Lenovo: Active Protection System

Lenovo

1 product

Active Protection System

Configuration A

49 vulnerable

Vulnerable Software	Affected Versions
Lenovo Active Protection System	Version 1.00b
Lenovo Active Protection System	Version 1.01b
Lenovo Active Protection System	Version 1.20b
Lenovo Active Protection System	Version 1.21
Lenovo Active Protection System	Version 1.22
Lenovo Active Protection System	Version 1.23
Lenovo Active Protection System	Version 1.30b
Lenovo Active Protection System	Version 1.31
Lenovo Active Protection System	Version 1.32
Lenovo Active Protection System	Version 1.33b
Lenovo Active Protection System	Version 1.34
Lenovo Active Protection System	Version 1.40
Lenovo Active Protection System	Version 1.41
Lenovo Active Protection System	Version 1.50
Lenovo Active Protection System	Version 1.51
Lenovo Active Protection System	Version 1.52
Lenovo Active Protection System	Version 1.53
Lenovo Active Protection System	Version 1.54
Lenovo Active Protection System	Version 1.61
Lenovo Active Protection System	Version 1.62
Lenovo Active Protection System	Version 1.63
Lenovo Active Protection System	Version 1.64
Lenovo Active Protection System	Version 1.70
Lenovo Active Protection System	Version 1.71
Lenovo Active Protection System	Version 1.72
Lenovo Active Protection System	Version 1.73
Lenovo Active Protection System	Version 1.74
Lenovo Active Protection System	Version 1.75
Lenovo Active Protection System	Version 1.76
Lenovo Active Protection System	Version 1.77.0.11
Lenovo Active Protection System	Version 1.77.0.20
Lenovo Active Protection System	Version 1.77.0.26
Lenovo Active Protection System	Version 1.77.0.5
Lenovo Active Protection System	Version 1.77.0.7
Lenovo Active Protection System	Version 1.77.0.8
Lenovo Active Protection System	Version 1.77.0.9
Lenovo Active Protection System	Version 1.78.0.09
Lenovo Active Protection System	Version 1.78.0.10
Lenovo Active Protection System	Version 1.78.0.11
Lenovo Active Protection System	Version 1.79.0.03
Lenovo Active Protection System	Version 1.80.1.00
Lenovo Active Protection System	Version 1.80.11.00
Lenovo Active Protection System	Version 1.80.3.00
Lenovo Active Protection System	Version 1.80.8.00
Lenovo Active Protection System	Version 1.81.0.08
Lenovo Active Protection System	Version 1.82.0.03
Lenovo Active Protection System	Version 1.82.0.06
Lenovo Active Protection System	Version 1.82.0.07
Lenovo Active Protection System	Version 1.82.0.10

References (2)

https://support.lenovo.com/us/en/product_security/LEN-13637

Source: psirt@lenovo.com

Vendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-13637

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.