4.7

CVE-2021-3718

A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.

Data is provided by the National Vulnerability Database (NVD)
LenovoThinkpad 11e 3rd Gen Firmware SwEditionbraswell Version <= 1.22
   LenovoThinkpad 11e 3rd Gen Version-
   MicrosoftWindows 10 Version-
   MicrosoftWindows 7 Version- HwPlatformx64
   MicrosoftWindows 8.1 Version-
LenovoThinkpad 11e 3rd Gen Firmware SwEditionskylate Version <= 1.29
   LenovoThinkpad 11e 3rd Gen Version-
   MicrosoftWindows 10 Version-
   MicrosoftWindows 7 Version- HwPlatformx64
   MicrosoftWindows 8.1 Version-
LenovoThinkpad 11e 4th Gen I3 Firmware Version <= 1.22
   LenovoThinkpad 11e 4th Gen I3 Version-
   MicrosoftWindows 10 Version-
LenovoThinkpad 11e 4th Gen I7 Firmware Version <= 1.22
   LenovoThinkpad 11e 4th Gen I7 Version-
   MicrosoftWindows 10 Version-
LenovoThinkpad 11e 4th Gen I5 Firmware Version <= 1.22
   LenovoThinkpad 11e 4th Gen I5 Version-
   MicrosoftWindows 10 Version-
LenovoThinkpad 11e 4th Gen Celeron Firmware Version <= 1.27
   LenovoThinkpad 11e 4th Gen Celeron Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad 11e Yoga Gen 6 Firmware Version <= 1.12
   LenovoThinkpad 11e Yoga Gen 6 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad 13 Gen 2 Firmware Version <= 1.29
   LenovoThinkpad 13 Gen 2 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad E490 Firmware Version <= 1.30
   LenovoThinkpad E490 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad E490s Firmware Version <= 1.30
   LenovoThinkpad E490s Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad E590 Firmware Version <= 1.30
   LenovoThinkpad E590 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Firmware Version <= 1.31
   LenovoThinkpad L13 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Gen 2 Firmware SwEditionnon-vpro Version <= 1.11
   LenovoThinkpad L13 Gen 2 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Gen 2 Firmware SwEditionvpro Version <= 1.08
   LenovoThinkpad L13 Gen 2 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Yoga Firmware Version <= 1.31
   LenovoThinkpad L13 Yoga Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Yoga Gen 2 Firmware SwEditionnon-vpro Version <= 1.11
   LenovoThinkpad L13 Yoga Gen 2 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L13 Yoga Gen 2 Firmware SwEditionvpro Version <= 1.08
   LenovoThinkpad L13 Yoga Gen 2 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L14 Gen 1 Firmware Version < 1.15
   LenovoThinkpad L14 Gen 1 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L14 Firmware Version < 1.20.1.17
   LenovoThinkpad L14 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L15 Gen 1 Firmware Version < 1.15
   LenovoThinkpad L15 Gen 1 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L15 Firmware Version < 1.20.1.17
   LenovoThinkpad L15 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L380 Firmware Version <= 1.26
   LenovoThinkpad L380 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L380 Yoga Firmware Version <= 1.26
   LenovoThinkpad L380 Yoga Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L390 Yoga Firmware Version <= 1.35
   LenovoThinkpad L390 Yoga Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L390 Firmware Version <= 1.35
   LenovoThinkpad L390 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L490 Firmware Version < 1.26
   LenovoThinkpad L490 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad L590 Firmware Version < 1.26
   LenovoThinkpad L590 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad P43s Firmware Version < n2iet96w
   LenovoThinkpad P43s Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad P52 Firmware Version < n2cet60w
   LenovoThinkpad P52 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad P53s Firmware Version < n2iet96w
   LenovoThinkpad P53s Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad P72 Firmware Version < n2cet60w
   LenovoThinkpad P72 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad S5 2nd Gen Firmware Version <= 1.28
   LenovoThinkpad S5 2nd Gen Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad T460 Firmware Version <= 1.43.1.11
   LenovoThinkpad T460 Version-
   MicrosoftWindows 10 Version-
   MicrosoftWindows 7 Version- HwPlatformx64
   MicrosoftWindows 7 Version- HwPlatformx86
   MicrosoftWindows 8.1 Version-
LenovoThinkpad T490 Firmware Version < n2iet96w
   LenovoThinkpad T490 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad T590 Firmware Version < n2iet96w
   LenovoThinkpad T590 Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad S2 Gen 6 Firmware Version <= 2021-09-30
   LenovoThinkpad S2 Gen 6 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad S2 Yoga Gen 6 Firmware Version <= 2021-09-30
   LenovoThinkpad S2 Yoga Gen 6 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad X12 Detachable Gen 1 Firmware Version < 1.16
   LenovoThinkpad X12 Detachable Gen 1 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad X260 Firmware Version <= 1.47\/1.15
   LenovoThinkpad X260 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
   MicrosoftWindows 7 Version-
LenovoThinkpad X380 Yoga Firmware Version <= 1.34
   LenovoThinkpad X380 Yoga Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad X390 Yoga Firmware Version < n2let87w
   LenovoThinkpad X390 Yoga Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad 11e 5th Gen Firmware Version <= 1.13
   LenovoThinkpad 11e 5th Gen Version-
   MicrosoftWindows 10 Version- HwPlatformx64
LenovoThinkpad 11e 5th Gen Firmware Version <= 1.13
   LenovoThinkpad Yoga 370 Version-
   MicrosoftWindows 10 Version- HwPlatformx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.093
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.6 0.9 3.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C
psirt@lenovo.com 4.3 0.7 3.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-232 Improper Handling of Undefined Values

The product does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.