Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Lenovo: Major Vulnerabilities Found In Multiple Laptop Models

19.Laptop Bed Esm H446

Hundreds of Lenovo models are vulnerable to three major flaws.

Cybersecurity experts from ESET have found three security flaws in hundreds of different Lenovo laptop models which could put millions of users at risk. 

ESET said exploiting these vulnerabilities would allow attackers to deploy and successfully execute UEFI malware either in the form of SPI flash implants like LoJax or ESP implants like ESPecter.  

In total, three vulnerabilities have been discovered, which are now tracked as CVE-2021-3970, CVE-2021-3971 (also known as SecureBackDoor and SecureBackDoorPreim), and CVE-3972 (SMM memory corruption inside the SW SMI handler function).