Privilege escalation in multiple Lenovo products
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-3970 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Lenovo Legion S7-15IMH5 Hardware solutions / Firmware Lenovo Legion S7-15ARH5 Hardware solutions / Firmware ideapad 5-15IIL05 Hardware solutions / Firmware ideapad 3-17IML05 Hardware solutions / Firmware ideapad 3-15ITL6 Hardware solutions / Firmware ideapad 3-15ITL05 Hardware solutions / Firmware ideapad 3-15IML05 Hardware solutions / Firmware ideapad 3-14ITL6 Hardware solutions / Firmware ideapad 3-14ITL05 Hardware solutions / Firmware ideapad 3-14IML05 Hardware solutions / Firmware ideapad Yoga Slim 9-14ITL05 Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14ITL5 Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14IHU5 O Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14IHU5 Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14ACH5 O Hardware solutions / Firmware ideapad Yoga Slim 7 Pro-14ACH5 Hardware solutions / Firmware ideapad Yoga C940-14IIL Hardware solutions / Firmware Lenovo Yoga C740-15IML Hardware solutions / Firmware Lenovo Yoga C740-14IML Hardware solutions / Firmware ideapad Yoga 7-14ACN6 Hardware solutions / Firmware Lenovo V17 G2-ITL Hardware solutions / Firmware Lenovo V15 G2-ITL Hardware solutions / Firmware Lenovo V15 G1-IML Hardware solutions / Firmware Lenovo V14 G2-ITL Hardware solutions / Firmware Lenovo V14 G1-IML Hardware solutions / Firmware ideapad Slim 9-14ITL05 Hardware solutions / Firmware IdeaPad Slim 7 Pro-14IHU5 Hardware solutions / Firmware ideapad S540-13IML Hardware solutions / Firmware Lenovo S14 G2 ITL Hardware solutions / Firmware Lenovo Legion 5-15IMH6 Hardware solutions / Firmware ideapad L3-15IML05 Hardware solutions / Firmware IdeaPad 3-17ITL6 Hardware solutions / Firmware ideapad Flex 3-11ADA05 Hardware solutions / Firmware |
| Vendor | Lenovo |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Input validation error
EUVDB-ID: #VU62364
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-3970
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in LenovoVariable SMI Handler. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsLenovo Legion S7-15IMH5: All versions
Lenovo Legion S7-15ARH5: All versions
ideapad 5-15IIL05: All versions
ideapad 3-17IML05: All versions
ideapad 3-15ITL6: All versions
ideapad 3-15ITL05: All versions
ideapad 3-15IML05: All versions
ideapad 3-14ITL6: All versions
ideapad 3-14ITL05: All versions
ideapad 3-14IML05: All versions
ideapad Yoga Slim 9-14ITL05: All versions
ideapad Yoga Slim 7 Pro-14ITL5: All versions
ideapad Yoga Slim 7 Pro-14IHU5 O: All versions
ideapad Yoga Slim 7 Pro-14IHU5: All versions
ideapad Yoga Slim 7 Pro-14ACH5 O: All versions
ideapad Yoga Slim 7 Pro-14ACH5: All versions
ideapad Yoga C940-14IIL: All versions
Lenovo Yoga C740-15IML: All versions
Lenovo Yoga C740-14IML: All versions
ideapad Yoga 7-14ACN6: All versions
Lenovo V17 G2-ITL: All versions
Lenovo V15 G2-ITL: All versions
Lenovo V15 G1-IML: All versions
Lenovo V14 G2-ITL: All versions
Lenovo V14 G1-IML: All versions
ideapad Slim 9-14ITL05: All versions
IdeaPad Slim 7 Pro-14IHU5: All versions
ideapad S540-13IML: All versions
Lenovo S14 G2 ITL: All versions
Lenovo Legion 5-15IMH6: All versions
ideapad L3-15IML05: All versions
IdeaPad 3-17ITL6: All versions
ideapad Flex 3-11ADA05: All versions
External linkshttp://support.lenovo.com/lu/uk/product_security/LEN-73440
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
