Vulnerability Description
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Ideapad 1-11Ada05 Firmware | fqcn19ww |
| Lenovo | Ideapad 1-11Ada05 | - |
| Lenovo | Ideapad 1-14Ada05 Firmware | fqcn19ww |
| Lenovo | Ideapad 1-14Ada05 | - |
| Lenovo | V130-15Ikb Firmware | - |
| Lenovo | V130-15Ikb | - |
| Lenovo | 100E 2Nd Gen Firmware | - |
| Lenovo | 100E 2Nd Gen | - |
| Lenovo | 300E 2Nd Gen Firmware | - |
| Lenovo | 300E 2Nd Gen | - |
| Lenovo | Ideapad 730-13Iml Firmware | - |
| Lenovo | Ideapad 730-13Iml | - |
| Lenovo | Ideapad Flex 5-14Alc05 Firmware | - |
| Lenovo | Ideapad Flex 5-14Alc05 | - |
| Lenovo | Ideapad Flex 5-15Alc05 Firmware | - |
| Lenovo | Ideapad Flex 5-15Alc05 | - |
| Lenovo | Ideapad 1-11Igl05 Firmware | - |
| Lenovo | Ideapad 1-11Igl05 | - |
| Lenovo | Ideapad 1-14Igl05 Firmware | - |
| Lenovo | Ideapad 1-14Igl05 | - |
Related Weaknesses (CWE)
References
- https://support.lenovo.com/us/en/product_security/LEN-65529Vendor Advisory
- https://support.lenovo.com/us/en/product_security/LEN-65529Vendor Advisory
FAQ
What is CVE-2021-3614?
CVE-2021-3614 is a vulnerability with a CVSS score of 6.4 (MEDIUM). A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo V...
How severe is CVE-2021-3614?
CVE-2021-3614 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3614?
Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Ideapad 1-11Ada05 Firmware, Lenovo Ideapad 1-11Ada05, Lenovo Ideapad 1-14Ada05 Firmware, Lenovo Ideapad 1-14Ada05, Lenovo V130-15Ikb Firmware.