Jump to content
  • Sign Up
×
×
  • Create New...

Lenovo UEFI Security Flaws Affecting Over 100 Laptop Models Discovered, Company Issues Firmware Patches


Recommended Posts

  • Diamond Member

Lenovo UEFI Security Flaws Affecting Over 100 Laptop Models Discovered, Company Issues Firmware Patches

Lenovo has issued a security advisory related to three security vulnerabilities found on several laptops. The flaws affect over 100 Lenovo laptop models, across the company’s IdeaPad, Legion, and Yoga portfolios. Using the vulnerabilities, an attacker might be able to disable the Unified Extensible Firmware Interface (UEFI) Secure Boot feature and ******** arbitrary code on the laptop. The manufacturer has advised users with affected laptop models to update to the latest firmware for these devices from the official website, in order to stay protected.

Three vulnerabilities were discovered by ESET researchers and affect the UEFI Secure Boot feature, which is designed to verify and load trusted code when the laptop is booted. They were responsibly disclosed by the researchers to Lenovo in October 2021. The vulnerabilities were confirmed by the company in November and were assigned three CVEs (Common Vulnerabilities and Exposures) — CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, and a security advisory was

This is the hidden content, please
by the manufacturer on Monday.

According to ESET, which has

This is the hidden content, please
a detailed technical analysis of the security flaws, two of the vulnerabilities — CVE-2021-3971 (SecureBackDoor), and CVE-2021-3972 (ChgBootDxeHook), were introduced by the company after two UEFI firmware drivers were accidentally included in the firmware. These drivers are only used when manufacturing the laptop and can be exploited by attackers to turn off the UEFI Secure Boot feature and disable protection for the flash memory chip which stores the UEFI firmware. Security software and other solutions on the operating system will be unable to detect these threats as they ******** early in the boot process — before the operating system is loaded.

In order to bypass all the security features offered by Secure Boot, UEFI threats like the ones discovered by ESET, disable the secure mechanisms designed to load trusted code. According to the researchers, all the UEFI threats discovered in the wild including LoJax, MosaicRegressor, MoonBounce, ESPecter, FinSpy were able to bypass these mechanisms to ******** their malicious code. Similar security flaws were also discovered in HP firmware,

This is the hidden content, please
by SentinelOne last month.

The researchers also found a third security flaw — or CVE-2021-3970 (LenovoVariableSmm), which could lead to arbitrary code ********** in system management RAM (or SMRAM), with elevated privileges. In some cases, it can be used to activate the ChgBootDxeHook driver in order to disable UEFI Secure Boot feature, according to the researchers at ESET. All three security vulnerabilities discovered require the attacker to have local access to the device, but it is worth noting that Lenovo has assigned the flaws a “Medium” severity level in its advisory.

Over 100 consumer laptop models used by millions of users are affected by the security flaws, according to the researchers. Users who own devices that have active development support can

This is the hidden content, please
the latest firmware update for their laptop from Lenovo’s Advisory website. However, several other affected devices won’t be fixed as they have reached End of Development Support (EODS). However, these users can use a TPM-aware full-disk encryption to make disk data inaccessible if the UEFI Secure Boot configuration has been modified, according to the ESET researchers.


Affiliate links may be automatically generated – see our ethics statement for details.



This is the hidden content, please

lenovo laptop uefi security flaws secure boot vulnerabilities malware 100 models eset lenovo,uefi,uefi vulnerabilities,uefi secure boot,secure boot
#Lenovo #UEFI #Security #Flaws #Affecting #Laptop #Models #Discovered #Company #Issues #Firmware #Patches

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.