Local Privilege Escalation Vulnerability in SMI Callback Function of ThinkCentre and ThinkStation Models

Local Privilege Escalation Vulnerability in SMI Callback Function of ThinkCentre and ThinkStation Models

CVE-2021-3719 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.