CVE-2017-3771

Summary

System boot process is not adequately secured In Lenovo E95 and ThinkCentre M710s/M710t because systems were shipped from factory without completing BIOS/UEFI initialization process.

Affected Software

VendorProductVersion RangeStatus
Lenovo Group Ltd.E95, ThinkCentre M710s/M710tEarlier than 1.3.2affected

Weaknesses

  • Unauthorized bootloader allowed to run during system boot, reducing protection against rootkits

ADP Enrichment

CVE Program Container

Additional References

References