Vulnerabilities (CVE)

Filtered by vendor Lenovo Subscribe
Filtered by product Bios
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3452 1 Lenovo 27 Bios, Thinkpad 11e 3rd Gen, Thinkpad 11e 4th Gen and 24 more 2024-11-21 4.6 MEDIUM 6.7 MEDIUM
A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2017-3754 1 Lenovo 20 710s-13ikb\/xiaoxin Air 13ikb, 710s-13isk\/xiaoxin Air 13, Bios and 17 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code.
CVE-2016-8224 1 Lenovo 57 Bios, Notebook 110 14ibr, Notebook 110 14ibr Bios and 54 more 2024-11-21 4.6 MEDIUM 4.4 MEDIUM
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system.
CVE-2016-5247 1 Lenovo 23 Bios, Thinkcentre E93, Thinkcentre M6500t\/s and 20 more 2024-11-21 7.2 HIGH 7.8 HIGH
The BIOS for Lenovo ThinkCentre E93, M6500t/s, M6600, M6600q, M6600t/s, M73p, M800, M83, M8500t/s, M8600t/s, M900, M93, and M93P devices; ThinkServer RQ940, RS140, TS140, TS240, TS440, and TS540 devices; and ThinkStation E32, P300, and P310 devices might allow local users or physically proximate attackers to bypass the Secure Boot protection mechanism by leveraging an AMI test key.