Researchers Find UEFI Vulnerability in Three Lenovo Computers Affecting Millions
2 min readResearchers Find UEFI Vulnerability in Three Lenovo Computers Affecting Millions
- An American company made 0.7nm chips: EUV lithography machines can’t do it
- CVE-2007-4559 Python vulnerability ignored for 15 years puts 350,000 projects at risk of code execution
- RISC-V only takes 12 years to achieve the milestone of 10 billion cores
- 14000 cores + 450W: RTX 4080 graphics card perfectly replaces the RTX 3080
- Big upgrade: The difference between Bluetooth 5.0 and 5.2
- Geeks Disappointed that RTX 4080/4090 doesn’t come with PCIe 5.0
- What are advantages and disadvantages of different load balancing?
Researchers Find UEFI Vulnerability in Three Lenovo Computers Affecting Millions.
According to some News, there are three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities announced, namely CVE-2021-3970, CVE-2021-3971 and CVE-2021-3972, which have been found to affect Various Lenovo devices such as Lenovo Flex, IdeaPads, and Yoga laptops.
Originally, CVE-2021-3971 and CVE-2021-3972 were intended for use in the manufacturing process of Lenovo’s consumer notebooks.
However, when making the BIOS image, they were left in by mistake without deactivating first.
Attackers could gain access to these devices, and they would be able to disable SPI flash protection or UEFI Secure Boot from a privileged user-mode process while the operating system is running.
Lenovo released security patches for these vulnerabilities yesterday, as follows:
CVE-2021-3970 – Due to imperfect validation work on some Lenovo notebook models, a potential vulnerability exists in the LenovoVariable SMI Handler that could allow an attacker with local access and high privileges to execute arbitrary code.
CVE-2021-3971 – A potential vulnerability exists in a driver used in an old manufacturing process on some consumer Lenovo laptop devices that was incorrectly included in the BIOS image, potentially allowing an attacker with high privileges to modify the NVRAM by modifying the The variable modifies the firmware protected area.
CVE-2021-3972 – A potential vulnerability in a driver used in the manufacturing process of some consumer Lenovo laptop devices that was mistaken for not being disabled could allow an attacker with high privileges to modify NVRAM variables to Modify Secure Boot settings.
It is important to take advantage of these security patches to avoid future compromises.
These threats are launched early in the PC boot process, before the operating system gains control.
Therefore, an attacker will be able to counteract any security measures based on the operating system.
Reference:
https://support.lenovo.com/us/en/product_security/LEN-73440
- DIY a PBX (Phone System) on Raspberry Pi
- How to host multiple websites on Raspberry Pi 3/4?
- A Free Intercom/Paging system with Raspberry pi and old Android phones
- DIY project: How to use Raspberry Pi to build DNS server?
- Raspberry Pi project : How to use Raspberry Pi to build git server?
