Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-4210

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Published

2022-04-22T21:15:09.950

Last Modified

2024-11-21T06:37:09.330

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.9

Impact Score

10.0

Weaknesses
  • Type: Secondary
    CWE-20
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System lenovo stadia_ggp-120_firmware - Yes
Hardware lenovo stadia_ggp-120 - No
Operating System lenovo thinkedge_se30_firmware - Yes
Hardware lenovo thinkedge_se30 - No
Operating System lenovo v540-24iwl_firmware - Yes
Hardware lenovo v540-24iwl - No
Operating System lenovo thinkstation_p520_firmware - Yes
Hardware lenovo thinkstation_p520 - No
Operating System lenovo thinkstation_p310_firmware - Yes
Hardware lenovo thinkstation_p310 - No
Operating System lenovo v50t-13imb_firmware - Yes
Hardware lenovo v50t-13imb - No
Operating System lenovo thinkstation_p520c_firmware - Yes
Hardware lenovo thinkstation_p520c - No
Operating System lenovo a540-27icb_firmware - Yes
Hardware lenovo a540-27icb - No
Operating System lenovo a540-24icb_firmware - Yes
Hardware lenovo a540-24icb - No
Operating System lenovo ideacentre_g5-14imb05_firmware - Yes
Hardware lenovo ideacentre_g5-14imb05 - No
Operating System lenovo v410z_firmware - Yes
Hardware lenovo v410z - No
Operating System lenovo thinkcentre_m910z_firmware - Yes
Hardware lenovo thinkcentre_m910z - No
Operating System lenovo thinkcentre_m70a_firmware - Yes
Hardware lenovo thinkcentre_m70a - No
Operating System lenovo thinkcentre_m75n_firmware - Yes
Hardware lenovo thinkcentre_m75n - No
Operating System lenovo thinkcentre_x1_firmware - Yes
Hardware lenovo thinkcentre_x1 - No
Operating System lenovo thinkcentre_m900_firmware - Yes
Hardware lenovo thinkcentre_m900 - No
Operating System lenovo thinkcentre_m810z_firmware - Yes
Hardware lenovo thinkcentre_m810z - No
Operating System lenovo thinkcentre_m90a_gen2_firmware - Yes
Hardware lenovo thinkcentre_m90a_gen2 - No
Operating System lenovo thinkcentre_m820z_firmware - Yes
Hardware lenovo thinkcentre_m820z - No
Operating System lenovo ideacentre_aio_3-27itl6_firmware - Yes
Hardware lenovo ideacentre_aio_3-27itl6 - No
Operating System lenovo ideacentre_aio_3-24itl6_firmware - Yes
Hardware lenovo ideacentre_aio_3-24itl6 - No
Operating System lenovo thinkcentre_m900x_firmware - Yes
Hardware lenovo thinkcentre_m900x - No
Operating System lenovo thinkcentre_m800_firmware - Yes
Hardware lenovo thinkcentre_m800 - No
Operating System lenovo ideacentre_aio_3-24iil5_firmware - Yes
Hardware lenovo ideacentre_aio_3-24iil5 - No
Operating System lenovo thinkcentre_m700_firmware - Yes
Hardware lenovo thinkcentre_m700 - No
Operating System lenovo thinkcentre_m700_tiny_firmware - Yes
Hardware lenovo thinkcentre_m700_tiny - No
Operating System lenovo ideacentre_aio_3-24ada6_firmware - Yes
Hardware lenovo ideacentre_aio_3-24ada6 - No
Operating System lenovo ideacentre_aio_3-22itl6_firmware - Yes
Hardware lenovo ideacentre_aio_3-22itl6 - No
Operating System lenovo ideacentre_aio_3-22iil5_firmware - Yes
Hardware lenovo ideacentre_aio_3-22iil5 - No
Operating System lenovo ideacentre_aio_3-22ada6_firmware - Yes
Hardware lenovo ideacentre_aio_3-22ada6 - No
Operating System lenovo ideacentre_5-14imb05_firmware - Yes
Hardware lenovo ideacentre_5-14imb05 - No
Operating System lenovo ideacentre_c5-14imb05_firmware - Yes
Hardware lenovo ideacentre_c5-14imb05 - No
References