Some Lenovo laptops may be carrying a serious security flaw

Advisories

Discover Security Vulnerabilities News

Some Lenovo laptops may be carrying a serious security flaw

19.Laptop Bed

Hundreds of Lenovo models are vulnerable to three major flaws.

Cybersecurity experts from ESET have found three security flaws in hundreds of different Lenovo laptop models which could put millions of users at risk. 

ESET said exploiting these vulnerabilities would allow attackers to deploy and successfully execute UEFI malware either in the form of SPI flash implants like LoJax or ESP implants like ESPecter.  

In total, three vulnerabilities have been discovered, which are now tracked as CVE-2021-3970, CVE-2021-3971 (also known as SecureBackDoor and SecureBackDoorPreim), and CVE-3972 (SMM memory corruption inside the SW SMI handler function). 

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.