5.5

CVE-2017-3740

EPSS 0.04%
Published 04.06.2017 21:29:00
Last modified 20.04.2025 01:37:25
Source psirt@lenovo.com
Teams watchlist Login
Open Login

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ Active Protection System Version1.00b

Lenovo ≫ Active Protection System Version1.01b

Lenovo ≫ Active Protection System Version1.20b

Lenovo ≫ Active Protection System Version1.21

Lenovo ≫ Active Protection System Version1.22

Lenovo ≫ Active Protection System Version1.23

Lenovo ≫ Active Protection System Version1.30b

Lenovo ≫ Active Protection System Version1.31

Lenovo ≫ Active Protection System Version1.32

Lenovo ≫ Active Protection System Version1.33b

Lenovo ≫ Active Protection System Version1.34

Lenovo ≫ Active Protection System Version1.40

Lenovo ≫ Active Protection System Version1.41

Lenovo ≫ Active Protection System Version1.50

Lenovo ≫ Active Protection System Version1.51

Lenovo ≫ Active Protection System Version1.52

Lenovo ≫ Active Protection System Version1.53

Lenovo ≫ Active Protection System Version1.54

Lenovo ≫ Active Protection System Version1.61

Lenovo ≫ Active Protection System Version1.62

Lenovo ≫ Active Protection System Version1.63

Lenovo ≫ Active Protection System Version1.64

Lenovo ≫ Active Protection System Version1.70

Lenovo ≫ Active Protection System Version1.71

Lenovo ≫ Active Protection System Version1.72

Lenovo ≫ Active Protection System Version1.73

Lenovo ≫ Active Protection System Version1.74

Lenovo ≫ Active Protection System Version1.75

Lenovo ≫ Active Protection System Version1.76

Lenovo ≫ Active Protection System Version1.77.0.5

Lenovo ≫ Active Protection System Version1.77.0.7

Lenovo ≫ Active Protection System Version1.77.0.8

Lenovo ≫ Active Protection System Version1.77.0.9

Lenovo ≫ Active Protection System Version1.77.0.11

Lenovo ≫ Active Protection System Version1.77.0.20

Lenovo ≫ Active Protection System Version1.77.0.26

Lenovo ≫ Active Protection System Version1.78.0.09

Lenovo ≫ Active Protection System Version1.78.0.10

Lenovo ≫ Active Protection System Version1.78.0.11

Lenovo ≫ Active Protection System Version1.79.0.03

Lenovo ≫ Active Protection System Version1.80.1.00

Lenovo ≫ Active Protection System Version1.80.3.00

Lenovo ≫ Active Protection System Version1.80.8.00

Lenovo ≫ Active Protection System Version1.80.11.00

Lenovo ≫ Active Protection System Version1.81.0.08

Lenovo ≫ Active Protection System Version1.82.0.03

Lenovo ≫ Active Protection System Version1.82.0.06

Lenovo ≫ Active Protection System Version1.82.0.07

Lenovo ≫ Active Protection System Version1.82.0.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

https://support.lenovo.com/us/en/product_security/LEN-13637

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-3740

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-3740

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-3740

EUVD