TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Over 100 Lenovo laptop models affected by firmware vulnerability

The tagline of Lenovo PCs and tablets reads – Thin, Light, and Reliable – but the recent incident has somewhat impacted its reputation. A recent vulnerability discovered in the Notebook BIOS of Lenovo laptop models has the potential to escalate privileges. The scope of impact is Lenovo specific and the severity is medium.

Lenovo Firmware Vulnerability

Firmware vulnerability detected in Lenovo laptop models

The support team at Lenovo was quick to respond and published an advisory that underlines 3 major vulnerabilities affecting its laptop computers. All of them have the potential to enable threat actors to gain elevated privileges by one means or another. If accessed, attackers will have the direct power to disable the UEFI Secure Boot feature or install malware

The summary description on the Lenovo support pages reads –

The following vulnerabilities were reported in Lenovo Notebook BIOS.

  • CVE-2021-3970: A potential vulnerability in LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.

  • CVE-2021-3971: A potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify the firmware protection region by modifying an NVRAM variable.

  • CVE-2021-3972: A potential vulnerability by a driver used during the manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify the secure boot setting by modifying an NVRAM variable.

Thankfully, Lenovo has patches ready and advises the owners to update system firmware to the version (or newer) indicated for your model in the Product Impact section. It also has detailed instructions listed on this page. The manufacturer warns, if left unpatched, malware could exploit critical UEFI vulnerabilities and hide in firmware. And since the UEFI resides in a flash chip on the motherboard, infections will be more difficult to detect and even tougher to wipe clean.

Published on Tags: ,

HemantSaxena@TWCN

A post-graduate in Biotechnology, Hemant switched gears to writing about Microsoft technologies and has been a contributor to TheWindowsClub since then. When he is not working, you can usually find him out traveling to different places or indulging himself in binge-watching.