Unprotected BIOS Modules in Certain Lenovo Systems Allow Unauthorized Write Access to SPI Flash Storage

Unprotected BIOS Modules in Certain Lenovo Systems Allow Unauthorized Write Access to SPI Flash Storage

CVE-2021-3453 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.

Learn more about our Cis Benchmark Audit For Apple Ios.