Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2021-3843

A potential vulnerability in the SMI function to access EEPROM in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

  • Published: Nov 12, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-3843
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.7
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
lenovo / thinkpad_11e_3rd_gen_firmware - 1.22.x
lenovo / thinkpad_11e_3rd_gen_firmware - 1.29.x
lenovo / thinkpad_11e_4th_gen_i3_firmware - 1.22.x
lenovo / thinkpad_11e_4th_gen_i7_firmware - 1.22.x
lenovo / thinkpad_11e_4th_gen_i5_firmware - 1.22.x
lenovo / thinkpad_11e_4th_gen_celeron_firmware - 1.27.x
lenovo / thinkpad_11e_yoga_gen_6_firmware - 1.12.x
lenovo / thinkpad_13_gen_2_firmware - 1.29.x
lenovo / thinkpad_l13_firmware - 1.31.x
lenovo / thinkpad_l13_gen_2_firmware - 1.11.x
lenovo / thinkpad_l13_gen_2_firmware - 1.08.x
lenovo / thinkpad_l13_yoga_firmware - 1.31.x
lenovo / thinkpad_l13_yoga_gen_2_firmware - 1.11.x
lenovo / thinkpad_l13_yoga_gen_2_firmware - 1.08.x
lenovo / thinkpad_l14_gen_1_firmware - 1.15
lenovo / thinkpad_l14_firmware - 1.20.1.17
lenovo / thinkpad_l15_gen_1_firmware - 1.15
lenovo / thinkpad_l15_firmware - 1.20.1.17
lenovo / thinkpad_l380_firmware - 1.26.x
lenovo / thinkpad_l380_yoga_firmware - 1.26.x
lenovo / thinkpad_l390_yoga_firmware - 1.35.x
lenovo / thinkpad_l390_firmware - 1.35.x
lenovo / thinkpad_s5_2nd_gen_firmware - 1.28.x
lenovo / thinkpad_t460_firmware - 1.43.1.11.x
lenovo / thinkpad_s2_gen_6_firmware - 2021-09-30.x
lenovo / thinkpad_s2_yoga_gen_6_firmware - 2021-09-30.x
lenovo / thinkpad_x12_detachable_gen_1_firmware - 1.16
lenovo / thinkpad_x260_firmware - 1.47\/1.15.x
lenovo / thinkpad_x380_yoga_firmware - 1.34.x
lenovo / thinkpad_x390_yoga_firmware - n2let87w
lenovo / thinkpad_11e_5th_gen_firmware - 1.13.x
lenovo / thinkpad_x1_fold_gen_1_firmware - n2pet50w