Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-3463

A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 4.2, requiring local system access to exploit with relatively low complexity though user interaction is required . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 125 products from lenovo, from lenovo, from lenovo and 122 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2021, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2021-04-13T21:15:25.257

Last Modified

2024-11-21T06:21:36.173

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.2 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-476
Type: Primary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	lenovo	power_management_driver	< 1.67.17.54	Yes
Hardware	lenovo	thinkpad_11e_gen_5	-	No
Hardware	lenovo	thinkpad_11e_yoga_gen_6	-	No
Hardware	lenovo	thinkpad_13_gen_2	-	No
Hardware	lenovo	thinkpad_25	-	No
Hardware	lenovo	thinkpad_a275	-	No
Hardware	lenovo	thinkpad_a285	-	No
Hardware	lenovo	thinkpad_a475	-	No
Hardware	lenovo	thinkpad_a485	-	No
Hardware	lenovo	thinkpad_e14	-	No
Hardware	lenovo	thinkpad_e14_gen2	-	No
Hardware	lenovo	thinkpad_e15	-	No
Hardware	lenovo	thinkpad_e15_gen2	-	No
Hardware	lenovo	thinkpad_e470	-	No
Hardware	lenovo	thinkpad_e470c	-	No
Hardware	lenovo	thinkpad_e475	-	No
Hardware	lenovo	thinkpad_e480	-	No
Hardware	lenovo	thinkpad_e490	-	No
Hardware	lenovo	thinkpad_e495	-	No
Hardware	lenovo	thinkpad_e570	-	No
Hardware	lenovo	thinkpad_e570c	-	No
Hardware	lenovo	thinkpad_e575	-	No
Hardware	lenovo	thinkpad_e580	-	No
Hardware	lenovo	thinkpad_e590	-	No
Hardware	lenovo	thinkpad_e595	-	No
Hardware	lenovo	thinkpad_l13	-	No
Hardware	lenovo	thinkpad_l13_gen_1	-	No
Hardware	lenovo	thinkpad_l13_gen_2	-	No
Hardware	lenovo	thinkpad_l13_yoga	-	No
Hardware	lenovo	thinkpad_l13_yoga_gen_1	-	No
Hardware	lenovo	thinkpad_l13_yoga_gen_2	-	No
Hardware	lenovo	thinkpad_l14_gen_1	-	No
Hardware	lenovo	thinkpad_l14_gen_2	-	No
Hardware	lenovo	thinkpad_l15_gen_1	-	No
Hardware	lenovo	thinkpad_l15_gen_2	-	No
Hardware	lenovo	thinkpad_l380	-	No
Hardware	lenovo	thinkpad_l380_yoga	-	No
Hardware	lenovo	thinkpad_l390	-	No
Hardware	lenovo	thinkpad_l390_yoga	-	No
Hardware	lenovo	thinkpad_l470	-	No
Hardware	lenovo	thinkpad_l480	-	No
Hardware	lenovo	thinkpad_l490	-	No
Hardware	lenovo	thinkpad_l570	-	No
Hardware	lenovo	thinkpad_l580	-	No
Hardware	lenovo	thinkpad_l590	-	No
Hardware	lenovo	thinkpad_p1	-	No
Hardware	lenovo	thinkpad_p1_gen_2	-	No
Hardware	lenovo	thinkpad_p1_gen_3	-	No
Hardware	lenovo	thinkpad_p14s_gen_1	-	No
Hardware	lenovo	thinkpad_p14s_gen_2	-	No
Hardware	lenovo	thinkpad_p15_gen_1	-	No
Hardware	lenovo	thinkpad_p15s_gen_1	-	No
Hardware	lenovo	thinkpad_p15s_gen_2	-	No
Hardware	lenovo	thinkpad_p15v_gen_1	-	No
Hardware	lenovo	thinkpad_p17_gen_1	-	No
Hardware	lenovo	thinkpad_p43s	-	No
Hardware	lenovo	thinkpad_p51	-	No
Hardware	lenovo	thinkpad_p51s	-	No
Hardware	lenovo	thinkpad_p52	-	No
Hardware	lenovo	thinkpad_p52s	-	No
Hardware	lenovo	thinkpad_p53	-	No
Hardware	lenovo	thinkpad_p53s	-	No
Hardware	lenovo	thinkpad_p71	-	No
Hardware	lenovo	thinkpad_p72	-	No
Hardware	lenovo	thinkpad_p73	-	No
Hardware	lenovo	thinkpad_r14	-	No
Hardware	lenovo	thinkpad_r14_gen_2	-	No
Hardware	lenovo	thinkpad_r480	-	No
Hardware	lenovo	thinkpad_s1_gen_4	-	No
Hardware	lenovo	thinkpad_s2_gen_2	-	No
Hardware	lenovo	thinkpad_s2_gen_5	-	No
Hardware	lenovo	thinkpad_s2_gen_6	-	No
Hardware	lenovo	thinkpad_s2_yoga_gen_5	-	No
Hardware	lenovo	thinkpad_s2_yoga_gen_6	-	No
Hardware	lenovo	thinkpad_s3_gen_2	-	No
Hardware	lenovo	thinkpad_s5_gen_2	-	No
Hardware	lenovo	thinkpad_t14_gen_1	-	No
Hardware	lenovo	thinkpad_t14_gen_2	-	No
Hardware	lenovo	thinkpad_t14s_gen_1	-	No
Hardware	lenovo	thinkpad_t14s_gen_2i	-	No
Hardware	lenovo	thinkpad_t15_gen_1	-	No
Hardware	lenovo	thinkpad_t15_gen_2	-	No
Hardware	lenovo	thinkpad_t15g_gen_1	-	No
Hardware	lenovo	thinkpad_t15p_gen_1	-	No
Hardware	lenovo	thinkpad_t470	-	No
Hardware	lenovo	thinkpad_t470p	-	No
Hardware	lenovo	thinkpad_t470s	-	No
Hardware	lenovo	thinkpad_t480	-	No
Hardware	lenovo	thinkpad_t480s	-	No
Hardware	lenovo	thinkpad_t490	-	No
Hardware	lenovo	thinkpad_t490s	-	No
Hardware	lenovo	thinkpad_t495	-	No
Hardware	lenovo	thinkpad_t570	-	No
Hardware	lenovo	thinkpad_t580	-	No
Hardware	lenovo	thinkpad_t590	-	No
Hardware	lenovo	thinkpad_x1_carbon_gen_5	-	No
Hardware	lenovo	thinkpad_x1_carbon_gen_6	-	No
Hardware	lenovo	thinkpad_x1_carbon_gen_7	-	No
Hardware	lenovo	thinkpad_x1_carbon_gen_8	-	No
Hardware	lenovo	thinkpad_x1_carbon_gen_9	-	No
Hardware	lenovo	thinkpad_x1_extreme	-	No
Hardware	lenovo	thinkpad_x1_extreme_2nd	-	No
Hardware	lenovo	thinkpad_x1_extreme_gen_3	-	No
Hardware	lenovo	thinkpad_x1_nano_gen_1	-	No
Hardware	lenovo	thinkpad_x1_tablet_gen_2	-	No
Hardware	lenovo	thinkpad_x1_tablet_gen_3	-	No
Hardware	lenovo	thinkpad_x1_titanium_gen_1	-	No
Hardware	lenovo	thinkpad_x1_yoga_gen_2	-	No
Hardware	lenovo	thinkpad_x1_yoga_gen_3	-	No
Hardware	lenovo	thinkpad_x1_yoga_gen_4	-	No
Hardware	lenovo	thinkpad_x1_yoga_gen_5	-	No
Hardware	lenovo	thinkpad_x1_yoga_gen_6	-	No
Hardware	lenovo	thinkpad_x12	-	No
Hardware	lenovo	thinkpad_x13_gen_1	-	No
Hardware	lenovo	thinkpad_x13_gen_2i	-	No
Hardware	lenovo	thinkpad_x13_yoga_gen_1	-	No
Hardware	lenovo	thinkpad_x13_yoga_gen_2	-	No
Hardware	lenovo	thinkpad_x270	-	No
Hardware	lenovo	thinkpad_x280	-	No
Hardware	lenovo	thinkpad_x380_yoga	-	No
Hardware	lenovo	thinkpad_x390	-	No
Hardware	lenovo	thinkpad_x390_yoga	-	No
Hardware	lenovo	thinkpad_x395	-	No
Hardware	lenovo	thinkpad_yoga_11e_gen_5	-	No
Hardware	lenovo	thinkpad_yoga_370	-	No

References

https://support.lenovo.com/us/en/product_security/LEN-59174 Vendor Advisory ([email protected])
https://support.lenovo.com/us/en/product_security/LEN-59174 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For lenovo's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.