CVE-2021-3614

Summary

A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.

Affected Software

VendorProductVersion RangeStatus
LenovoNotebook BIOSvariousaffected

Weaknesses

  • CWE-636: CWE-636 Not Failing Securely ('Failing Open')

ADP Enrichment

CVE Program Container

Additional References

References