CVE-2021-4211 Information

Description

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop ThinkStation and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://support.lenovo.com/us/en/product_security/LEN-77639

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.7