CVE-2021-3786

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range.

Published: Nov 12, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-3786
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
lenovo / thinkpad_x380_yoga_firmware	-	2020-10-31
lenovo / thinkpad_x1_fold_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_yoga_260_firmware	-	2021-10-25
lenovo / thinkpad_yoga_11e_3rd_gen_firmware	-	2021-10-31
lenovo / thinkpad_yoga_15_firmware	-	n19et66w
lenovo / thinkpad_yoga_370_firmware	-	2021-10-31
lenovo / thinkpad_x12_detachable_gen_1_firmware	-	2021-10-31
lenovo / thinkpad_x390_firmware	-	n2jet96w
lenovo / thinkpad_yoga_11e_4th_gen_firmware	-	2021-10-31
lenovo / thinkpad_yoga_11e_5th_gen_firmware	-	2021-10-31
lenovo / thinkpad_x250_firmware	-	2021-10-31
lenovo / thinkpad_x260_firmware	-	2021-10-31
lenovo / thinkpad_x390_yoga_firmware	-	n2let87w
lenovo / thinkpad_x280_firmware	-	n20et58w
lenovo / thinkpad_x1_titanium_firmware	-	n2met51w
lenovo / thinkpad_x270_firmware	-	2021-10-29
lenovo / thinkpad_x1_carbon_5th_gen_kabylake_firmware	-	n1met66w
lenovo / thinkpad_x13_gen_1_firmware	-	n2yet31w
lenovo / thinkpad_x13_gen_2_firmware	-	n35et41w
lenovo / thinkpad_x13_yoga_gen_1_firmware	-	n2uet56w
lenovo / thinkpad_x13_yoga_gen_2_firmware	-	n39et47w
lenovo / thinkpad_x1_carbon_5th_gen_skylake_firmware	-	n1met66w
lenovo / thinkpad_x1_yoga_1st_gen_firmware	-	n1fet76w
lenovo / thinkpad_x1_yoga_3rd_gen_firmware	-	n25et57w
lenovo / thinkpad_x1_yoga_4th_gen_firmware	-	n2het64w
lenovo / thinkpad_x1_yoga_gen_5_firmware	-	n2wet30w
lenovo / thinkpad_x1_carbon_4th_gen_firmware	-	n1fet76w
lenovo / thinkpad_10_firmware	-	2021-10-25
lenovo / thinkpad_x1_nano_gen_1_firmware	-	n2tet67w
lenovo / thinkpad_x1_extreme_firmware	-	n2eet54w
lenovo / thinkpad_x1_extreme_2nd_firmware	-	n2oet53w
lenovo / thinkpad_x1_extreme_gen_3_firmware	-	n2vet33w
lenovo / thinkpad_t460s_firmware	-	n1cet84w
lenovo / thinkpad_s2_gen_6_firmware	-	2021-10-31
lenovo / thinkpad_x1_carbon_gen_6_firmware	-	n23et78w
lenovo / thinkpad_x1_carbon_gen_7_firmware	-	n2het64w
lenovo / thinkpad_x1_carbon_gen_8_firmware	-	n2het64w
lenovo / thinkpad_t560_firmware	-	n1ket52w
lenovo / thinkpad_t460p_firmware	-	2021-10-29
lenovo / thinkpad_w550s_firmware	-	n11et54w
lenovo / thinkpad_t590_firmware	-	n2iet96w
lenovo / thinkpad_t570_firmware	-	n1vet57w
lenovo / thinkpad_s2_yoga_gen_6_firmware	-	2021-10-31
lenovo / thinkpad_t480_firmware	-	n24et65w
lenovo / thinkpad_x1_tablet_firmware	-	n1let92w
lenovo / thinkpad_t550_firmware	-	n11et54w
lenovo / thinkpad_x1_carbon_3rd_gen_firmware	-	n14et56w
lenovo / thinkpad_x1_tablet_gen_2_firmware	-	n1oet56w
lenovo / thinkpad_x1_tablet_gen_3_firmware	-	2021-10-29
lenovo / thinkpad_t580_firmware	-	n27et43w
lenovo / thinkpad_t480s_firmware	-	n22et70w
lenovo / thinkpad_t15_firmware	-	n2xet32w
lenovo / thinkpad_t460_firmware	-	2021-10-31
lenovo / thinkpad_t470_firmware	-	n1qet92w
lenovo / thinkpad_t490_firmware	-	n2iet96w
lenovo / thinkpad_t490s_firmware	-	n2iet96w
lenovo / thinkpad_t14s_gen_2_firmware	-	n35et41w
lenovo / thinkpad_t14s_firmware	-	2021-10-15
lenovo / thinkpad_t470p_firmware	-	r0fet55w
lenovo / thinkpad_t470s_firmware	-	2021-10-29
lenovo / thinkpad_p71_firmware	-	2021-10-29
lenovo / thinkpad_t440p_firmware	-	2021-10-29
lenovo / thinkpad_t15_gen_2_firmware	-	n34et42w
lenovo / thinkpad_t15p_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_p70_firmware	-	n1detb2w
lenovo / thinkpad_t15g_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_t14_gen_1_firmware	-	n2xet32w
lenovo / thinkpad_t14_gen_2_firmware	-	n34et42w
lenovo / thinkpad_p73_firmware	-	n2net47w
lenovo / thinkpad_s540_firmware	-	2021-10-25
lenovo / thinkpad_p72_firmware	-	n2cet60w
lenovo / thinkpad_l380_firmware	-	2021-10-31
lenovo / thinkpad_s5_2nd_gen_firmware	-	2021-10-31
lenovo / thinkpad_p15v_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_p53_firmware	-	n2net47w
lenovo / thinkpad_p53s_firmware	-	n2iet96w
lenovo / thinkpad_p43s_firmware	-	n2iet96w
lenovo / thinkpad_p51_firmware	-	n1uet82w
lenovo / thinkpad_p51s_firmware	-	n1vet57w
lenovo / thinkpad_p50_firmware	-	n1eet92w
lenovo / thinkpad_p52_firmware	-	n2cet60w
lenovo / thinkpad_p52s_firmware	-	n27et43w
lenovo / thinkpad_p50s_firmware	-	n1ket52w
lenovo / thinkpad_l570_firmware	-	n1xet74w
lenovo / thinkpad_p17_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_l580_firmware	-	2021-10-15
lenovo / thinkpad_p14s_gen_1_firmware	-	n2xet32w
lenovo / thinkpad_p14s_gen_2_firmware	-	n34et42w
lenovo / thinkpad_p15_gen_1_firmware	-	2021-10-29
lenovo / thinkpad_p15s_gen_1_firmware	-	n2xet32w
lenovo / thinkpad_p15s_gen_2_firmware	-	n34et42w
lenovo / thinkpad_l590_firmware	-	2021-10-15
lenovo / thinkpad_l380_yoga_firmware	-	2021-10-31
lenovo / thinkpad_l490_firmware	-	2021-10-15
lenovo / thinkpad_l560_firmware	-	n1het92w
lenovo / thinkpad_p1_firmware	-	n2eet54w
lenovo / thinkpad_p1_gen_2_firmware	-	n2oet53w
lenovo / thinkpad_p1_gen_3_firmware	-	n2vet33w
lenovo / thinkpad_l480_firmware	-	2021-10-15
lenovo / thinkpad_l470_firmware	-	2021-10-15
lenovo / thinkpad_l460_firmware	-	2021-10-15
lenovo / thinkpad_e490_firmware	-	2021-10-15
lenovo / thinkpad_helix_firmware	-	n17etb6w
lenovo / thinkpad_l390_firmware	-	2021-10-31
lenovo / thinkpad_l390_yoga_firmware	-	2021-10-31
lenovo / thinkpad_e15_gen_3_firmware	-	2021-10-15
lenovo / thinkpad_l14_firmware	-	2021-10-15
lenovo / thinkpad_l13_gen_2_firmware	-	2021-10-31
lenovo / thinkpad_l15_firmware	-	2021-10-15
lenovo / thinkpad_l15_gen_2_firmware	-	2021-10-15
lenovo / thinkpad_l13_firmware	-	2021-10-31
lenovo / thinkpad_e14_gen_3_firmware	-	2021-10-15
lenovo / thinkpad_e590_firmware	-	2021-10-15
lenovo / thinkpad_e580_firmware	-	2021-10-15
lenovo / thinkpad_l13_yoga_gen_2_firmware	-	2021-10-31
lenovo / thinkpad_e570_firmware	-	2021-10-15
lenovo / thinkpad_l13_yoga_firmware	-	2021-10-31
lenovo / thinkpad_11e_3rd_gen_firmware	-	2021-10-31
lenovo / thinkpad_e480_firmware	-	2021-10-15
lenovo / thinkpad_e14_firmware	-	2021-10-15.x
lenovo / thinkpad_e470_firmware	-	2021-10-15
lenovo / thinkpad_e15_firmware	-	2021-10-15
lenovo / thinkpad_e15_gen_2_firmware	-	2021-10-15
lenovo / thinkpad_25_firmware	-	n1qet92w
lenovo / thinkpad_e14_gen_2_firmware	-	2021-10-15
lenovo / thinkpad_13_gen_2_firmware	-	2021-10-31
lenovo / thinkpad_11e_4th_gen_firmware	-	2021-10-31
lenovo / thinkpad_11e_yoga_gen_6_firmware	-	2021-10-31
lenovo / ideapad_s940-14iwl_firmware	-	12.0.81.1753.x
lenovo / ideapad_yoga_s940-14iwl_firmware	-	12.0.81.1753.x
lenovo / v330-15isk_firmware	-	11.8.86.3877.x
lenovo / v330-15ikb_firmware	-	11.8.86.3877.x
lenovo / v130-15igm_firmware	-	6vcn42ww.x
lenovo / thinkpad_x1_yoga_4th_gen_firmware	-	n2qet42w
lenovo / thinkpad_x1_carbon_gen_7_firmware	-	n2qet42w
lenovo / thinkpad_x1_carbon_gen_8_firmware	-	n2qet42w

https://support.lenovo.com/us/en/product_security/LEN-67440

Vulnerability Database

289,697

CVE-2021-3786