Lenovo Notebook BIOS Vulnerability: Unauthorized Modification of Secure Boot Setting

Lenovo Notebook BIOS Vulnerability: Unauthorized Modification of Secure Boot Setting

CVE-2021-3972 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Learn more about our Cis Benchmark Audit For Apple Ios.