CVE-2021-3719
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-3719
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
ThinkCentre和ThinkStation输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Lenovo ThinkCentre和ThinkStation(联想台式工作站)都是中国联想(Lenovo)公司的产品。Lenovo ThinkCentre是一款台式电脑。ThinkStation是台式工作站 ThinkCentre和ThinkStation 存在输入验证错误漏洞,攻击者可以利用该漏洞执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Lenovo | ThinkCentre and ThinkStation BIOS | various | - |
II. Public POCs for CVE-2021-3719
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-3719
请登录查看更多情报信息。
- https://support.lenovo.com/us/en/product_security/LEN-67440x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-3719
Same Patch Batch · Lenovo · 2021-11-12 · 7 CVEs total
| CVE-2021-3843 | 6.7 MEDIUM | Lenovo ThinkPad 输入验证错误漏洞 |
| CVE-2021-3599 | 6.7 MEDIUM | Lenovo ThinkPad 输入验证错误漏洞 |
| CVE-2021-3519 | 6.4 MEDIUM | ThinkStation 授权问题漏洞 |
| CVE-2021-3720 | 5.5 MEDIUM | Legion Phone Pro(L79031)和Legion Phone2 Pro(L70081)上时间天气系统小部件 安全漏洞 |
| CVE-2021-3786 | 4.4 MEDIUM | Lenovo ThinkPad 输入验证错误漏洞 |
| CVE-2021-3718 | 4.3 MEDIUM | Lenovo ThinkPad 安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-20
- CVE-2026-31378
Apache OFBiz: JSON Attribute Override and URL Allowlist Bypa - CVE-2026-28751
filemanagement_storage_service has an improper input validat - CVE-2026-27891
Remote Code Execution (RCE) via Zip Slip in Plugin Upload Me - CVE-2026-45492
Microsoft Edge (Chromium-based) Security Feature Bypass Vuln - CVE-2026-45317
Open WebUI: Cross-Site Request Forgery (CSRF) via Image URL
V. Comments for CVE-2021-3719
No comments yet