← Back

CVE-2021-4212

nvd nist
Published: Apr 22, 2022Modified: Nov 21, 2024

JSON object

Loading...
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD

Description

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Affected (62)

Products: Lenovo: C340 14iml Firmware, C340 15iml Firmware, D330 10igm Firmware, Duet 3 10igl5 Firmware, E41 50 Firmware, Flex 14iml Firmware, Flex 15iml Firmware, Ideapad 3 14are05 Firmware, Ideapad 3 15are05 Firmware, Ideapad 3 17are05 Firmware, Ideapad 5 14alc05 Firmware, Ideapad 5 14are05 Firmware, Ideapad 5 15itl05 Firmware, Ideapad 5 Pro 14acn6 Firmware, Ideapad 5 Pro 14itl6 Firmware, Ideapad 5 Pro 16ihu6 Firmware, Ideapad Creator 5 15imh05 Firmware, Ideapad Gaming 3 15ach6 Firmware, Ideapad Gaming 3 15arh05 Firmware, Ideapad Gaming 3 15imh05 Firmware, L340 15irh Firmware, L340 15iwl Firmware, L340 15iwl Touch Firmware, L340 17irh Firmware, L340 17iwl Firmware, Legion Y540 15irh Firmware, Legion Y540 15irh Pg0 Firmware, Legion Y540 17irh Firmware, Legion Y540 17irh Pg0 Firmware, Legion Y545 Firmware, Legion Y545 Pg0 Firmware, Legion Y7000 2019 Firmware, Legion Y7000 2019 Pg0 Firmware, S340 13iml Firmware, S340 14api Firmware, S340 14iml Firmware, S340 15api Firmware, S340 15api Touch Firmware, S340 15iml Firmware, S540 14iml Firmware, S540 14iml Touch Firmware, S540 15iml Firmware, Slim 7 14are05 Firmware, Slim 7 14itl05 Firmware, Slim 7 15iil05 Firmware, Slim 7 15imh05 Firmware, Slim 7 15itl05 Firmware, Thinkbook 13x Itg Firmware, Thinkbook 14 G3 Itl Firmware, Thinkbook Plus G2 Itg Firmware, V14 Are Firmware, V140 15iwl Firmware, V340 17iwl Firmware, Yoga 6 13alc6 Firmware, Yoga Creator 7 15imh05 Firmware, Yoga Slim 7 14are05 Firmware, Yoga Slim 7 14iil05 Firmware, Yoga Slim 7 14itl05 Firmware, Yoga Slim 7 15iil05 Firmware, Yoga Slim 7 15imh05 Firmware, Yoga Slim 7 15itl05 Firmware, Yoga Slim 7 Carbon 13itl5 Firmware
Lenovo
62 products
C340 14iml Firmware
C340 15iml Firmware
D330 10igm Firmware
Duet 3 10igl5 Firmware
E41 50 Firmware
Flex 14iml Firmware
Flex 15iml Firmware
Ideapad 3 14are05 Firmware
Ideapad 3 15are05 Firmware
Ideapad 3 17are05 Firmware
Ideapad 5 14alc05 Firmware
Ideapad 5 14are05 Firmware
Ideapad 5 15itl05 Firmware
Ideapad 5 Pro 14acn6 Firmware
Ideapad 5 Pro 14itl6 Firmware
Ideapad 5 Pro 16ihu6 Firmware
Ideapad Creator 5 15imh05 Firmware
Ideapad Gaming 3 15ach6 Firmware
Ideapad Gaming 3 15arh05 Firmware
Ideapad Gaming 3 15imh05 Firmware
L340 15irh Firmware
L340 15iwl Firmware
L340 15iwl Touch Firmware
L340 17irh Firmware
L340 17iwl Firmware
Legion Y540 15irh Firmware
Legion Y540 15irh Pg0 Firmware
Legion Y540 17irh Firmware
Legion Y540 17irh Pg0 Firmware
Legion Y545 Firmware
Legion Y545 Pg0 Firmware
Legion Y7000 2019 Firmware
Legion Y7000 2019 Pg0 Firmware
S340 13iml Firmware
S340 14api Firmware
S340 14iml Firmware
S340 15api Firmware
S340 15api Touch Firmware
S340 15iml Firmware
S540 14iml Firmware
S540 14iml Touch Firmware
S540 15iml Firmware
Slim 7 14are05 Firmware
Slim 7 14itl05 Firmware
Slim 7 15iil05 Firmware
Slim 7 15imh05 Firmware
Slim 7 15itl05 Firmware
Thinkbook 13x Itg Firmware
Thinkbook 14 G3 Itl Firmware
Thinkbook Plus G2 Itg Firmware
V14 Are Firmware
V140 15iwl Firmware
V340 17iwl Firmware
Yoga 6 13alc6 Firmware
Yoga Creator 7 15imh05 Firmware
Yoga Slim 7 14are05 Firmware
Yoga Slim 7 14iil05 Firmware
Yoga Slim 7 14itl05 Firmware
Yoga Slim 7 15iil05 Firmware
Yoga Slim 7 15imh05 Firmware
Yoga Slim 7 15itl05 Firmware
Yoga Slim 7 Carbon 13itl5 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
C340 14iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
C340 14iml
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
C340 15iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
C340 15iml
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
D330 10igm Firmware
All versions
Running on/withPlatform Versions
Lenovo
D330 10igm
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Duet 3 10igl5 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Duet 3 10igl5
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
E41 50 Firmware
All versions
Running on/withPlatform Versions
Lenovo
E41 50
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Flex 14iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
Flex 14iml
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Flex 15iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
Flex 15iml
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 3 14are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 3 14are05
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 3 15are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 3 15are05
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 3 17are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 3 17are05
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 14alc05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 14alc05
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 14are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 14are05
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 15itl05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 15itl05
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 Pro 14acn6 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 Pro 14acn6
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 Pro 14itl6 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 Pro 14itl6
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad 5 Pro 16ihu6 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad 5 Pro 16ihu6
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad Creator 5 15imh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad Creator 5 15imh05
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad Gaming 3 15ach6 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad Gaming 3 15ach6
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad Gaming 3 15arh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad Gaming 3 15arh05
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ideapad Gaming 3 15imh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Ideapad Gaming 3 15imh05
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
L340 15irh Firmware
All versions
Running on/withPlatform Versions
Lenovo
L340 15irh
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
L340 15iwl Firmware
All versions
Running on/withPlatform Versions
Lenovo
L340 15iwl
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
L340 15iwl Touch Firmware
All versions
Running on/withPlatform Versions
Lenovo
L340 15iwl Touch
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
L340 17irh Firmware
All versions
Running on/withPlatform Versions
Lenovo
L340 17irh
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
L340 17iwl Firmware
All versions
Running on/withPlatform Versions
Lenovo
L340 17iwl
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y540 15irh Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y540 15irh
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y540 15irh Pg0 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y540 15irh Pg0
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y540 17irh Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y540 17irh
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y540 17irh Pg0 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y540 17irh Pg0
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y545 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y545
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y545 Pg0 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y545 Pg0
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y7000 2019 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y7000 2019
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Legion Y7000 2019 Pg0 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Legion Y7000 2019 Pg0
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 13iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 13iml
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 14api Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 14api
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 14iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 14iml
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 15api Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 15api
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 15api Touch Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 15api Touch
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S340 15iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
S340 15iml
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S540 14iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
S540 14iml
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S540 14iml Touch Firmware
All versions
Running on/withPlatform Versions
Lenovo
S540 14iml Touch
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
S540 15iml Firmware
All versions
Running on/withPlatform Versions
Lenovo
S540 15iml
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Slim 7 14are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Slim 7 14are05
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Slim 7 14itl05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Slim 7 14itl05
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Slim 7 15iil05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Slim 7 15iil05
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Slim 7 15imh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Slim 7 15imh05
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Slim 7 15itl05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Slim 7 15itl05
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Thinkbook 13x Itg Firmware
All versions
Running on/withPlatform Versions
Lenovo
Thinkbook 13x Itg
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Thinkbook 14 G3 Itl Firmware
All versions
Running on/withPlatform Versions
Lenovo
Thinkbook 14 G3 Itl
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Thinkbook Plus G2 Itg Firmware
All versions
Running on/withPlatform Versions
Lenovo
Thinkbook Plus G2 Itg
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
V14 Are Firmware
All versions
Running on/withPlatform Versions
Lenovo
V14 Are
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
V140 15iwl Firmware
All versions
Running on/withPlatform Versions
Lenovo
V140 15iwl
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
V340 17iwl Firmware
All versions
Running on/withPlatform Versions
Lenovo
V340 17iwl
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga 6 13alc6 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga 6 13alc6
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Creator 7 15imh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Creator 7 15imh05
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 14are05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 14are05
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 14iil05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 14iil05
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 14itl05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 14itl05
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 15iil05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 15iil05
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 15imh05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 15imh05
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 15itl05 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 15itl05
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Yoga Slim 7 Carbon 13itl5 Firmware
All versions
Running on/withPlatform Versions
Lenovo
Yoga Slim 7 Carbon 13itl5
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: psirt@lenovo.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.