CVE-2021-4210
Summary
| CVE | CVE-2021-4210 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-22 21:15:00 UTC |
| Updated | 2022-08-09 00:21:00 UTC |
| Description | A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Lenovo | A540-24icb | - | All | All | All |
| Operating System | Lenovo | A540-24icb Firmware | - | All | All | All |
| Hardware | Lenovo | A540-27icb | - | All | All | All |
| Operating System | Lenovo | A540-27icb Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre 5-14imb05 | - | All | All | All |
| Operating System | Lenovo | Ideacentre 5-14imb05 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-22ada6 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-22ada6 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-22iil5 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-22iil5 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-22itl6 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-22itl6 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-24ada6 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-24ada6 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-24iil5 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-24iil5 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-24itl6 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-24itl6 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre Aio 3-27itl6 | - | All | All | All |
| Operating System | Lenovo | Ideacentre Aio 3-27itl6 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre C5-14imb05 | - | All | All | All |
| Operating System | Lenovo | Ideacentre C5-14imb05 Firmware | - | All | All | All |
| Hardware | Lenovo | Ideacentre G5-14imb05 | - | All | All | All |
| Operating System | Lenovo | Ideacentre G5-14imb05 Firmware | - | All | All | All |
| Hardware | Lenovo | Stadia Ggp-120 | - | All | All | All |
| Operating System | Lenovo | Stadia Ggp-120 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M700 | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M700 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M700 Tiny | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M700 Tiny Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M70a | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M70a Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M75n | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M75n Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M800 | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M800 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M810z | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M810z Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M820z | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M820z Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M900 | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M900x | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M900x Firmware | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M900 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M90a Gen2 | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M90a Gen2 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre M910z | - | All | All | All |
| Operating System | Lenovo | Thinkcentre M910z Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkcentre X1 | - | All | All | All |
| Operating System | Lenovo | Thinkcentre X1 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkedge Se30 | - | All | All | All |
| Operating System | Lenovo | Thinkedge Se30 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkstation P310 | - | All | All | All |
| Operating System | Lenovo | Thinkstation P310 Firmware | - | All | All | All |
| Hardware | Lenovo | Thinkstation P520 | - | All | All | All |
| Hardware | Lenovo | Thinkstation P520c | - | All | All | All |
| Operating System | Lenovo | Thinkstation P520c Firmware | - | All | All | All |
| Operating System | Lenovo | Thinkstation P520 Firmware | - | All | All | All |
| Hardware | Lenovo | V410z | - | All | All | All |
| Operating System | Lenovo | V410z Firmware | - | All | All | All |
| Hardware | Lenovo | V50t-13imb | - | All | All | All |
| Operating System | Lenovo | V50t-13imb Firmware | - | All | All | All |
| Hardware | Lenovo | V540-24iwl | - | All | All | All |
| Operating System | Lenovo | V540-24iwl Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Multi-vendor BIOS Security Vulnerabilities (February 2022) - Lenovo Support US | MISC | support.lenovo.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Lenovo thanks Jiawei Yin(@yngweijw) and Menghao Li of IIE varas
There are currently no legacy QID mappings associated with this CVE.