cbcvebase.
CVE-2021-3972
published 2022-04-22

CVE-2021-3972: A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may…

medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Affected

98 ranges· showing 25
VendorProductVersion rangeFixed in
lenovoideapad_3-14ada05_firmware< e8cn33wwe8cn33ww
lenovoideapad_3-14ada6_firmware< hbcn21wwhbcn21ww
lenovoideapad_3-14alc6_firmware< glcn43wwglcn43ww
lenovoideapad_3-14are05_firmware< dzcn42wwdzcn42ww
lenovoideapad_3-14igl05_firmware< emcn52wwemcn52ww
lenovoideapad_3-14iil05_firmware< dvcn23wwdvcn23ww
lenovoideapad_3-14iml05_firmware< dxcn41wwdxcn41ww
lenovoideapad_3-14itl05_firmware< gccn26wwgccn26ww
lenovoideapad_3-14itl6_firmware< ggcn33wwggcn33ww
lenovoideapad_3-15ada05_firmware< e8cn33wwe8cn33ww
lenovoideapad_3-15ada6_firmware< hbcn21wwhbcn21ww
lenovoideapad_3-15alc6_firmware< glcn43wwglcn43ww
lenovoideapad_3-15are05_firmware< dzcn42wwdzcn42ww
lenovoideapad_3-15igl05_firmware< dvcn23wwdvcn23ww
lenovoideapad_3-15iil05_firmware< emcn52wwemcn52ww
lenovoideapad_3-15iml05_firmware< dxcn41wwdxcn41ww
lenovoideapad_3-15itl05_firmware< gccn26wwgccn26ww
lenovoideapad_3-15itl6_firmware< ggcn33wwggcn33ww
lenovoideapad_3-17ada05_firmware< e8cn33wwe8cn33ww
lenovoideapad_3-17ada6_firmware< hbcn21wwhbcn21ww
lenovoideapad_3-17alc6_firmware< glcn43wwglcn43ww
lenovoideapad_3-17are05_firmware< dzcn42wwdzcn42ww
lenovoideapad_3-17iil05_firmware< emcn52wwemcn52ww
lenovoideapad_3-17iml05_firmware< dxcn41wwdxcn41ww
lenovoideapad_3-17itl6_firmware< ggcn33wwggcn33ww