CVE-2017-3754
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-3754
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Some Lenovo brand notebook systems do not have write protections properly configured in the system BIOS. This could enable an attacker with physical or administrative access to a system to be able to flash the BIOS with an arbitrary image and potentially run malicious BIOS code.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Lenovo产品BIOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Lenovo 320-17AST等都是中国联想(Lenovo)公司的计算机产品。BIOS是其中的一个基本输出输入系统。 多款Lenovo产品中的BIOS存在安全漏洞,该漏洞源于程序没有正确的配置写入保护。攻击者可借助任意的图像利用该漏洞可能执行恶意的BIOS代码。以下版本受到影响:Lenovo 320-17AST;710s-13IKB/XiaoXin Air 13IKB;710S-13ISK/XiaoXin Air 13;K21-80;K22-80/Lenovo V720-12;K41-80;ideapa
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Lenovo Group Ltd. | Lenovo Notebook BIOS | Various | - |
II. Public POCs for CVE-2017-3754
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-3754
请登录查看更多情报信息。
- 🔗 https://support.lenovo.com/us/en/product_security/LEN-15084x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-3754
IV. Related Vulnerabilities
V. Comments for CVE-2017-3754
No comments yet