VYPR

Lenovo Notebook BIOS

by Lenovo

CVEs (2)

  • CVE-2017-3754MedJul 17, 2017
    risk 0.44cvss 6.7epss 0.00

    Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code.

  • CVE-2021-3970Apr 22, 2022
    risk 0.00cvss epss 0.01

    A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models BIOS may allow an attacker with local access and elevated privileges to execute arbitrary code.