high
7.2
CWE
94
Advisory Published
Updated

CVE-2017-3753: Code Injection

First published: Thu Aug 10 2017(Updated: )

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo Ideacentre 300-20ish Firmware
Lenovo Ideacentre 300-20ish
Lenovo Ideacentre 300s-11ish Firmware
Lenovo Ideacentre 300s-11ish
Lenovo Ideacentre 510s-08ish Firmware
Lenovo Ideacentre 510s-08ish
Lenovo Ideacentre 700 Firmware
Lenovo Ideacentre 700
Lenovo 63 Firmware=fckt78a
Lenovo 63
Lenovo H50-30g Firmware=fckt78a
Lenovo H50-30g
Lenovo M4500 Firmware=fckt78a
Lenovo M4500
Lenovo M4500 Id Firmware=fckt78a
Lenovo M4500 Id
Lenovo M4550 Id Firmware=fckt78a
Lenovo M4550 Id
Lenovo S500 Firmware=m0kkt24a
Lenovo S500
Lenovo V320-15iap Firmware
Lenovo V320-15iap
Lenovo Thinkcentre E73 Firmware=fckt78a
Lenovo Thinkcentre E73
Lenovo Thinkcentre E73s Firmware=fckt78a
Lenovo Thinkcentre E73s
Lenovo Thinkcentre E74 Firmware=m05kt54a
Lenovo Thinkcentre E74
Lenovo Thinkcentre E74s Firmware=m05kt54a
Lenovo Thinkcentre E74s
Lenovo Thinkcentre E75 T\/s Firmware
Lenovo Thinkcentre E75 T\/s
Lenovo Thinkcentre E79 Firmware=m0lkt12a
Lenovo Thinkcentre E79
Lenovo Thinkcentre E93 Firmware=fbktc5a
Lenovo ThinkCentre E93
Lenovo Thinkcentre M4500k Firmware=fckt78a
Lenovo Thinkcentre M4500k
Lenovo Thinkcentre M4500q Firmware=fhkt66a
Lenovo Thinkcentre M4500q
Lenovo Thinkcentre M4500t\/s Firmware=fckt78a
Lenovo Thinkcentre M4500t\/s
Lenovo Thinkcentre M4600t\/s Firmware=m05kt54a
Lenovo Thinkcentre M4600t\/s
Lenovo Thinkcentre M600 Firmware=m00kt44a
Lenovo Thinkcentre M600
Lenovo Thinkcentre M610 Firmware
Lenovo Thinkcentre M610
Lenovo Thinkcentre M6500t\/s Firmware=fbktc5a
Lenovo Thinkcentre M6500t\/s
Lenovo Thinkcentre M6600 Firmware=fwkt39a
Lenovo Thinkcentre M6600
Lenovo Thinkcentre M6600q Firmware=fwkt39a
Lenovo Thinkcentre M6600q
Lenovo Thinkcentre M6600t\/s Firmware=fwkt39a
Lenovo Thinkcentre M6600t\/s
Lenovo Thinkcentre M700 Firmware=m05kt54a
Lenovo Thinkcentre M700
Lenovo Thinkcentre M710t\/s Firmware
Lenovo Thinkcentre M710t\/s
Lenovo Thinkcentre M715q Firmware
Lenovo Thinkcentre M715q
Lenovo Thinkcentre M72e Firmware=f1kt71a
Lenovo Thinkcentre M72e
Lenovo Thinkcentre M73 Firmware=fckt78a
Lenovo Thinkcentre M73
Lenovo Thinkcentre M73p Firmware=fbktc5a
Lenovo Thinkcentre M73p
Lenovo Thinkcentre M79 Firmware=m0lkt12a
Lenovo Thinkcentre M79
Lenovo Thinkcentre M800 Firmware=fwkt39a
Lenovo Thinkcentre M800
Lenovo Thinkcentre M83 Firmware=fbktcga
Lenovo Thinkcentre M83
Lenovo Thinkcentre M8500t\/s Firmware=fbktc5a
Lenovo Thinkcentre M8500t\/s
Lenovo Thinkcentre M8600t\/s Firmware=fwkt39a
Lenovo Thinkcentre M8600t\/s
Lenovo Thinkcentre M900 Firmware=fwkt39a
Lenovo Thinkcentre M900
Lenovo Thinkcentre M910t\/s Firmware
Lenovo Thinkcentre M910t\/s
Lenovo Thinkcentre M910q Firmware
Lenovo Thinkcentre M910q
Lenovo Thinkcentre M910x Firmware
Lenovo Thinkcentre M910x
Lenovo Thinkcentre M92 Firmware=9skt95a
Lenovo Thinkcentre M92
Lenovo Thinkcentre M92p Firmware=9skt95a
Lenovo Thinkcentre M92p
Lenovo Thinkcentre M93 Firmware=fbktc5a
Lenovo Thinkcentre M93
Lenovo Thinkcentre M93p Firmware=fbktc5a
Lenovo Thinkcentre M93p
Lenovo Yangtian Afh110 Firmware=m05kt73a
Lenovo Yangtian Afh110
Lenovo Yangtian Afh81 Firmware=fckt80a
Lenovo Yangtian Afh81
Lenovo Yangtian Afq150 Firmware=fwkt57a
Lenovo Yangtian Afq150
Lenovo Yangtian Mc Carrizo-l Firmware
Lenovo Yangtian Mc Carrizo-l
Lenovo Yangtian Mc Godavari Firmware=m0lkt13a
Lenovo Yangtian Mc Godavari
Lenovo Yangtian Mc H110 Firmware=m05kt61a
Lenovo Yangtian Mc H110
Lenovo Yangtian Mc H81 Firmware=fckt80a
Lenovo Yangtian Mc H81
Lenovo Yangtian Me\/we H110 Firmware=m05kt61a
Lenovo Yangtian Mf\/wf H81 Firmware=fckt80a
Lenovo Yangtian Mf\/wf H81
Lenovo Ideacentre 510s-23isu Firmware=o2ekt24a
Lenovo Ideacentre 510s-23isu
Lenovo S200z Firmware=m09kt33a
Lenovo S200z
Lenovo Thinkcentre E73z \(aio\) Firmware=fgkt49a
Lenovo Thinkcentre E73z \(aio\)
Lenovo Thinkcentre E74z Firmware=fvkt48a
Lenovo Thinkcentre E74z
Lenovo Thinkcentre E93z \(aio\) Firmware=ffkt43a
Lenovo Thinkcentre E93z \(aio\)
Lenovo Thinkcentre Edge 62z Firmware=f8kt40a
Lenovo Thinkcentre Edge 62z
Lenovo Thinkcentre M700z Firmware=fvkt48a
Lenovo Thinkcentre M700z
Lenovo Thinkcentre M7200z Firmware=fgkt46a
Lenovo Thinkcentre M7200z
Lenovo Thinkcentre M7250z Firmware=fgkt46a
Lenovo Thinkcentre M7250z
Lenovo Thinkcentre M7300z Firmware=fvkt42a
Lenovo Thinkcentre M7300z
Lenovo Thinkcentre M73z \(aio\) Firmware=fgkt46a
Lenovo Thinkcentre M73z \(aio\)
Lenovo Thinkcentre M800z Firmware=fvkt42a
Lenovo Thinkcentre M800z
Lenovo Thinkcentre M810z Firmware
Lenovo Thinkcentre M810z
Lenovo Thinkcentre M8200z Firmware=fgkt46a
Lenovo Thinkcentre M8200z
Lenovo Thinkcentre M8250z Firmware=fgkt46a
Lenovo Thinkcentre M8250z
Lenovo Thinkcentre M8300z Firmware=fvkt42a
Lenovo Thinkcentre M8300z
Lenovo Thinkcentre M8350z Firmware=fvkt42a
Lenovo Thinkcentre M8350z
Lenovo Thinkcentre M83z \(aio\) Firmware=fvkt42a
Lenovo Thinkcentre M83z \(aio\)
Lenovo Thinkcentre M900z Firmware=fukt39a
Lenovo Thinkcentre M900z
Lenovo Thinkcentre M9500z Firmware=fukt44a
Lenovo Thinkcentre M9500z
Lenovo Thinkcentre M9550z Firmware=fukt44a
Lenovo Thinkcentre M9550z
Lenovo Thinkcentre X1 Aio Firmware=m0hkt32a
Lenovo Thinkcentre X1 Aio
Lenovo Yangtian S3040 Firmware=fgkt49a
Lenovo Yangtian S3040
Lenovo Yangtian S800 Firmware=ffkt43a
Lenovo Thinkserver Rd340 Firmware
Lenovo Thinkserver Rd340
Lenovo Thinkserver Rd440 Firmware=a0tsb5a
Lenovo Thinkserver Rd440
Lenovo Thinkserver Rd540 Firmware=a1tsb5a
Lenovo Thinkserver Rd540
Lenovo Thinkserver Rd640 Firmware=a1tsb5a
Lenovo Thinkserver Rq750 Firmware=7.05
Lenovo Thinkserver Rq750
Lenovo Thinkserver Rs140 Firmware=fbkt91c
Lenovo Thinkserver Rs140
Lenovo Thinkserver Td340 Firmware=a3tsb5a
Lenovo Thinkserver Td340
Lenovo Thinkserver Ts140 Firmware=fbktc3a
Lenovo Thinkserver Ts140
Lenovo Thinkserver Ts150 Firmware=fbktc3a
Lenovo Thinkserver Ts150
Lenovo Thinkserver Ts240 Firmware=fbktc3a
Lenovo Thinkserver Ts240
Lenovo Thinkserver Ts250 Firmware
Lenovo Thinkserver Ts250
Lenovo Thinkserver Ts450 Firmware
Lenovo Thinkserver Ts450
Lenovo Thinkserver Ts550 Firmware
Lenovo Thinkserver Ts550
Lenovo Thinkstation C30 \(1136\) Firmware=a1kt57a
Lenovo Thinkstation C30 \(1136\)
Lenovo Thinkstation D30 \(4353\) Firmware=a3kt57a
Lenovo Thinkstation D30 \(4353\)
Lenovo Thinkstation E31 Firmware=9skt97a
Lenovo Thinkstation E31
Lenovo Thinkstation E32 Firmware=fbktc6a
Lenovo Thinkstation E32
Lenovo Thinkstation P300 Firmware=fbktc6a
Lenovo Thinkstation P300
Lenovo Thinkstation P310 Firmware=fwkt57a
Lenovo Thinkstation P310
Lenovo Thinkstation P320 Firmware
Lenovo Thinkstation P320
Lenovo Thinkstation P410 Firmware
Lenovo Thinkstation P410
Lenovo Thinkstation P500 Firmware=a4kt86a
Lenovo Thinkstation P500
Lenovo Thinkstation P510 Firmware
Lenovo Thinkstation P510
Lenovo Thinkstation P700 Firmware=a5kt86a
Lenovo Thinkstation P700
Lenovo Thinkstation P710 Firmware
Lenovo Thinkstation P710
Lenovo Thinkstation P900 Firmware=a6kt86a
Lenovo Thinkstation P900
Lenovo Thinkstation P910 Firmware
Lenovo Thinkstation P910
Lenovo Thinkstation S30 \(4351\) Firmware=a2kt54a
Lenovo Thinkstation S30 \(4351\)
Lenovo Thinkstation C30 \(1137\) Firmware=a1kt57a
Lenovo Thinkstation C30 \(1137\)
Lenovo Thinkstation S30 \(4352\) Firmware=a2kt54a
Lenovo Thinkstation S30 \(4352\)
Lenovo Thinkstation D30 \(4354\) Firmware=a3kt57a
Lenovo Thinkstation D30 \(4354\)

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203