CVE-2021-3718

CWE-2323 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 89.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lenovo Thinkpad L14 Firmware Lenovo Thinkpad L14 GEN 1 Firmware Lenovo Thinkpad L15 Firmware +37 more

Timeline

PublishedNov 12

Latest updateMay 24

Description

A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 0.7 | Impact: 3.6

Affected Packages40 packages

▶CVEListV5lenovo/thinkpad_biosvarious

▶NVDlenovo/thinkpad_l14_firmware< 1.20.1.17

▶NVDlenovo/thinkpad_l15_firmware< 1.20.1.17

▶NVDlenovo/thinkpad_p52_firmware< n2cet60w

▶NVDlenovo/thinkpad_p72_firmware< n2cet60w

🔴Vulnerability Details

GHSA

GHSA-cf28-3crv-xv77: A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enab↗2022-05-24

▶

CVEList

CVE-2021-3718: A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enab↗2021-11-12

▶