high
7.2
CWE
94
Advisory Published
Updated

CVE-2017-3753: Code Injection

First published: Thu Aug 10 2017(Updated: )

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. (AMI). With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that can allow them to bypass system protections such as Device Guard and Hyper-V.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo ideacentre 300-20ish
Lenovo ideacentre 300-20ish firmware
Lenovo Ideacentre 300s-11ish
Lenovo Ideacentre 300s-11ish Firmware
Lenovo ideacentre 510s-08ish firmware
Lenovo ideacentre 510s-08ish firmware
Lenovo ideacentre 700 firmware
Lenovo ideacentre 700 firmware
Lenovo 63 Desktop Firmware=fckt78a
Lenovo 63
Lenovo H50-30G Desktop Firmware=fckt78a
Lenovo H50-30G Firmware
Lenovo m4500 Desktop firmware=fckt78a
Lenovo m4500 Desktop
Lenovo ThinkCentre M4500 ID Firmware=fckt78a
Lenovo m4500 Desktop
Lenovo M4550 ID Desktop Firmware=fckt78a
Lenovo M4550 ID Desktop
Lenovo s500 firmware=m0kkt24a
Lenovo S500
Lenovo v320-15iap firmware
Lenovo V320-15IAP
Lenovo ThinkCentre E73 Desktop Firmware=fckt78a
Lenovo ThinkCentre E73
Lenovo ThinkCentre E73s Desktop Firmware=fckt78a
Lenovo Thinkcentre E73s Desktop
Lenovo ThinkCentre E74 Firmware=m05kt54a
Lenovo ThinkCentre E74
Lenovo ThinkCentre E74s Firmware=m05kt54a
Lenovo ThinkCentre E74s Firmware
Lenovo ThinkCentre E75 T/S Firmware
Lenovo ThinkCentre E75 T/S
Lenovo ThinkCentre E79 Firmware=m0lkt12a
Lenovo ThinkCentre E79
Lenovo ThinkCentre E93=fbktc5a
Lenovo ThinkCentre E93 (SFF)
Lenovo ThinkCentre M4500K Desktop Firmware=fckt78a
Lenovo ThinkCentre M4500K Desktop
Lenovo ThinkCentre M4500 ID Firmware=fhkt66a
Lenovo ThinkCentre M4500q Firmware
Lenovo ThinkCentre M4500t/s Firmware=fckt78a
Lenovo ThinkCentre M4500t/s
Lenovo ThinkCentre M4600t/s Firmware=m05kt54a
Lenovo ThinkCentre M4600t/s
Lenovo ThinkCentre M600 Firmware=m00kt44a
Lenovo ThinkCentre M600 Firmware
Lenovo ThinkCentre M610 Firmware
Lenovo ThinkCentre M610
Lenovo ThinkCentre M6500t/s Firmware=fbktc5a
Lenovo ThinkCentre M6500T/S
Lenovo ThinkCentre M6600 Firmware=fwkt39a
Lenovo ThinkCentre M6600 Firmware
Lenovo ThinkCentre M6600q Firmware=fwkt39a
Lenovo ThinkCentre M6600
Lenovo ThinkCentre M6600T/S Firmware=fwkt39a
Lenovo ThinkCentre M6600t/s
Lenovo ThinkCentre M700 Tiny Firmware=m05kt54a
Lenovo ThinkCentre M700
Lenovo ThinkCentre M710t/s Firmware
Lenovo ThinkCentre M710t/s
Lenovo ThinkCentre M715q RR Firmware
Lenovo ThinkCentre M715q Firmware
Lenovo ThinkCentre M72e Firmware=f1kt71a
Lenovo ThinkCentre M72e Firmware
Lenovo ThinkCentre M73 Desktop Firmware=fckt78a
Lenovo ThinkCentre M73 Desktop
Lenovo ThinkCentre M73p=fbktc5a
Lenovo ThinkCentre M73p Firmware
Lenovo ThinkCentre M79=m0lkt12a
Lenovo ThinkCentre M79 Firmware
Lenovo ThinkCentre M800 Firmware=fwkt39a
Lenovo ThinkCentre M800 Firmware
Lenovo ThinkCentre M83z (AIO) Firmware=fbktcga
Lenovo ThinkCentre M83 Firmware
Lenovo ThinkCentre M8500t/s Firmware=fbktc5a
Lenovo ThinkCentre M8500t/s
Lenovo ThinkCentre M8600T/S Firmware=fwkt39a
Lenovo ThinkCentre M8600T/S
Lenovo ThinkCentre M900 Firmware=fwkt39a
Lenovo ThinkCentre M900 Firmware
Lenovo ThinkCentre M910t/s Firmware
Lenovo ThinkCentre M910t/s
Lenovo ThinkCentre M910q Firmware
Lenovo Ideacentre M910q
Lenovo ThinkCentre M910q Firmware
Lenovo ThinkCentre M910x Firmware
Lenovo ThinkCentre M92 Firmware=9skt95a
Lenovo ThinkCentre M92
Lenovo ThinkCentre M92p Firmware=9skt95a
Lenovo ThinkCentre M92p
Lenovo ThinkCentre M93 Firmware=fbktc5a
Lenovo ThinkCentre M93
Lenovo ThinkCentre M93p Tiny Firmware=fbktc5a
Lenovo ThinkCentre M93p (SFF)
Lenovo Yangtian AFH110=m05kt73a
Lenovo Yangtian AFH110
Lenovo Yangtian AFH81 Desktop Firmware=fckt80a
Lenovo Yangtian afh81 Desktop
Lenovo Yangtian AFQ150 Firmware=fwkt57a
Lenovo Yangtian AFQ150 Firmware
Lenovo Yangtian MC Carrizo-L Firmware
Lenovo Yangtian MC Carrizo-L Firmware
Lenovo Yangtian MC Godavari=m0lkt13a
Lenovo Yangtian MC Godavari Firmware
Lenovo Yangtian MC H110 PCI=m05kt61a
Lenovo Yangtian MC H110 Firmware
Lenovo Yangtian MC H81 Desktop Firmware=fckt80a
Lenovo Yangtian MC H81 Desktop Firmware
Lenovo Yangtian ME/WE H110 Firmware=m05kt61a
Lenovo yangtian mf/wf h81 firmware=fckt80a
Lenovo Yangtian MF/WF H81
Lenovo ideacentre 510s-23isu firmware=o2ekt24a
Lenovo ideacentre 510s-23isu firmware
Lenovo s200z firmware=m09kt33a
Lenovo s200z firmware
Lenovo ThinkCentre E73z (AIO) Firmware=fgkt49a
Lenovo ThinkCentre E73z (AIO)
Lenovo ThinkCentre E74z Firmware=fvkt48a
Lenovo ThinkCentre E74
Lenovo ThinkCentre E93z (AIO) Firmware=ffkt43a
Lenovo ThinkCentre E93z (AIO)
Lenovo ThinkCentre Edge 62z=f8kt40a
Lenovo ThinkCentre Edge 62z Firmware
Lenovo ThinkCentre M700z Firmware=fvkt48a
Lenovo ThinkCentre M700z Firmware
Lenovo ThinkCentre M7200Z Firmware=fgkt46a
Lenovo ThinkCentre M7200Z Firmware
Lenovo ThinkCentre M7250z Firmware=fgkt46a
Lenovo ThinkCentre M7250z Firmware
Lenovo ThinkCentre M7300z Firmware=fvkt42a
Lenovo ThinkCentre M7300z Firmware
Lenovo ThinkCentre M73z (AIO) Firmware=fgkt46a
Lenovo ThinkCentre M73z (AIO)
Lenovo ThinkCenter M800z Firmware=fvkt42a
Lenovo ThinkCentre M800z Firmware
Lenovo ThinkCentre M810z All-in-One Firmware
Lenovo ThinkCentre M810z All-in-One
Lenovo ThinkCentre M8200z Firmware=fgkt46a
Lenovo ThinkCentre M8200z Firmware
Lenovo ThinkCentre M8250z Firmware=fgkt46a
Lenovo ThinkCentre M8250z Firmware
Lenovo ThinkCentre M8300z Firmware=fvkt42a
Lenovo ThinkCentre M8300z Firmware
Lenovo ThinkCentre M8350z Firmware=fvkt42a
Lenovo ThinkCentre M8350z Firmware
Lenovo ThinkCentre M83z (AIO) Firmware=fvkt42a
Lenovo ThinkCentre M83z (AIO)
Lenovo ThinkCentre M900z Firmware=fukt39a
Lenovo ThinkCentre M900z Firmware
Lenovo ThinkCentre M9500Z Firmware=fukt44a
Lenovo ThinkCentre M9500Z Firmware
Lenovo ThinkCentre M9550z Firmware=fukt44a
Lenovo ThinkCentre M9550z Firmware
Lenovo ThinkCentre X1 Firmware=m0hkt32a
Lenovo ThinkCentre X1
Lenovo Yangtian S3040=fgkt49a
Lenovo Yangtian S3040 Firmware
Lenovo Yangtian S800 Firmware=ffkt43a
Lenovo ThinkServer RD340
Lenovo ThinkServer RD340
Lenovo ThinkServer RD440=a0tsb5a
Lenovo ThinkServer RD440
Lenovo ThinkServer RD540=a1tsb5a
Lenovo ThinkServer RD540
Lenovo ThinkServer RD640=a1tsb5a
Lenovo ThinkServer RQ750=7.05
Lenovo ThinkServer RQ750
Lenovo ThinkServer RS140 Firmware=fbkt91c
Lenovo ThinkServer RS140 Firmware
Lenovo ThinkServer TD340=a3tsb5a
Lenovo ThinkServer TD340 Firmware
Lenovo ThinkServer TS140 Firmware=fbktc3a
Lenovo ThinkServer TS140 Firmware
Lenovo ThinkServer TS150 Firmware=fbktc3a
Lenovo ThinkServer TS150 BIOS
Lenovo ThinkServer TS240=fbktc3a
Lenovo ThinkServer TS240 Firmware
Lenovo ThinkServer TS250 Firmware
Lenovo ThinkServer TS250 Firmware
Lenovo ThinkServer TS450 Firmware
Lenovo ThinkServer TS450 BIOS
Lenovo ThinkServer TS550 Firmware
Lenovo ThinkServer TS550 Firmware
Lenovo ThinkStation C30 Firmware=a1kt57a
Lenovo ThinkStation C30 (1136)
Lenovo ThinkStation D30 Firmware=a3kt57a
Lenovo ThinkStation D30 (4353)
Lenovo ThinkStation E31 Firmware=9skt97a
Lenovo ThinkStation E31
Lenovo ThinkStation E32 Firmware=fbktc6a
Lenovo ThinkStation E32 Firmware
Lenovo ThinkStation P300 Firmware=fbktc6a
Lenovo ThinkStation P300 Firmware
Lenovo Thinkstation P310 Workstation Firmware=fwkt57a
Lenovo Thinkstation P310 Workstation
Lenovo ThinkStation P320 Firmware
Lenovo ThinkStation P320 Workstation
Lenovo ThinkStation P410 Firmware
Lenovo ThinkStation P410 Firmware
Lenovo ThinkStation P500 Firmware=a4kt86a
Lenovo ThinkStation P500
Lenovo ThinkStation P510 Firmware
Lenovo ThinkStation P510 Firmware
Lenovo ThinkStation P700 Firmware=a5kt86a
Lenovo ThinkStation P700
Lenovo ThinkStation P710 Firmware
Lenovo ThinkStation P710 Firmware
Lenovo ThinkStation P900 Firmware=a6kt86a
Lenovo ThinkStation P900 Firmware
Lenovo ThinkStation P910 Firmware
Lenovo ThinkStation P910
Lenovo ThinkStation S30 Firmware=a2kt54a
Lenovo ThinkStation S30 (4351)
Lenovo ThinkStation C30 Firmware=a1kt57a
Lenovo ThinkStation C30 (1137)
Lenovo ThinkStation S30 Firmware=a2kt54a
Lenovo ThinkStation S30 (4352)
Lenovo ThinkStation D30 Firmware=a3kt57a
Lenovo ThinkStation D30

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2017-3753?

    CVE-2017-3753 has a CVSS base score of 7.2, indicating it is a high severity vulnerability.

  • How do I fix CVE-2017-3753?

    To fix CVE-2017-3753, users should update their affected Lenovo products with the firmware provided by Lenovo.

  • Which Lenovo products are affected by CVE-2017-3753?

    CVE-2017-3753 affects various Lenovo products that utilize UEFI firmware developed by American Megatrends, including specific models of Ideacentre, Thinkcentre, and other Lenovo lines.

  • Can CVE-2017-3753 be exploited remotely?

    No, CVE-2017-3753 requires the attacker to have administrative privileges or physical access to the system to exploit the vulnerability.

  • What type of vulnerability is CVE-2017-3753?

    CVE-2017-3753 is classified as a firmware vulnerability related to UEFI that could allow unauthorized code execution.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203