Vulnerability-Lookup

CVE-2017-3740 (GCVE-0-2017-3740)

Vulnerability from cvelistv5 – Published: 2017-06-03 00:00 – Updated: 2024-08-05 14:39

Summary

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

lenovo

References

URL

	Vendor	Product	Version
	Lenovo Group Ltd.	Active Protection System	Affected: Earlier than 1.82.0.14

GHSA-JJ4C-V9G6-VG2X

Vulnerability from github – Published: 2022-05-13 01:45 – Updated: 2022-05-13 01:45

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-3740"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-04T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.",
  "id": "GHSA-jj4c-v9g6-vg2x",
  "modified": "2022-05-13T01:45:51Z",
  "published": "2022-05-13T01:45:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3740"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-3740

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-3740

Aliases

CVE-2017-3740

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-3740",
    "description": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.",
    "id": "GSD-2017-3740"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-3740"
      ],
      "details": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.",
      "id": "GSD-2017-3740",
      "modified": "2023-12-13T01:21:16.810331Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@lenovo.com",
        "ID": "CVE-2017-3740",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Active Protection System",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Earlier than 1.82.0.14"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Lenovo Group Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.lenovo.com/us/en/product_security/LEN-13637",
            "refsource": "CONFIRM",
            "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.81.0.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.80.11.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.80.8.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.76:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.75:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.74:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.73:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.41:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.33b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.63:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.62:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.61:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.54:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.20b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.01b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.00b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.80.1.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.72:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.70:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.52:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.30b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.80.3.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.79.0.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.71:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.64:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.53:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.51:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:active_protection_system:1.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2017-3740"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-13637",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-06-04T21:29Z"
    }
  }
}

FKIE_CVE-2017-3740

Vulnerability from fkie_nvd - Published: 2017-06-04 21:29 - Updated: 2025-04-20 01:37

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@lenovo.com	https://support.lenovo.com/us/en/product_security/LEN-13637	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/LEN-13637	Vendor Advisory

Impacted products

Vendor	Product	Version
lenovo	active_protection_system	1.00b
lenovo	active_protection_system	1.01b
lenovo	active_protection_system	1.20b
lenovo	active_protection_system	1.21
lenovo	active_protection_system	1.22
lenovo	active_protection_system	1.23
lenovo	active_protection_system	1.30b
lenovo	active_protection_system	1.31
lenovo	active_protection_system	1.32
lenovo	active_protection_system	1.33b
lenovo	active_protection_system	1.34
lenovo	active_protection_system	1.40
lenovo	active_protection_system	1.41
lenovo	active_protection_system	1.50
lenovo	active_protection_system	1.51
lenovo	active_protection_system	1.52
lenovo	active_protection_system	1.53
lenovo	active_protection_system	1.54
lenovo	active_protection_system	1.61
lenovo	active_protection_system	1.62
lenovo	active_protection_system	1.63
lenovo	active_protection_system	1.64
lenovo	active_protection_system	1.70
lenovo	active_protection_system	1.71
lenovo	active_protection_system	1.72
lenovo	active_protection_system	1.73
lenovo	active_protection_system	1.74
lenovo	active_protection_system	1.75
lenovo	active_protection_system	1.76
lenovo	active_protection_system	1.77.0.5
lenovo	active_protection_system	1.77.0.7
lenovo	active_protection_system	1.77.0.8
lenovo	active_protection_system	1.77.0.9
lenovo	active_protection_system	1.77.0.11
lenovo	active_protection_system	1.77.0.20
lenovo	active_protection_system	1.77.0.26
lenovo	active_protection_system	1.78.0.09
lenovo	active_protection_system	1.78.0.10
lenovo	active_protection_system	1.78.0.11
lenovo	active_protection_system	1.79.0.03
lenovo	active_protection_system	1.80.1.00
lenovo	active_protection_system	1.80.3.00
lenovo	active_protection_system	1.80.8.00
lenovo	active_protection_system	1.80.11.00
lenovo	active_protection_system	1.81.0.08
lenovo	active_protection_system	1.82.0.03
lenovo	active_protection_system	1.82.0.06
lenovo	active_protection_system	1.82.0.07
lenovo	active_protection_system	1.82.0.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.00b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61BE078-322A-45B1-BC57-0A667A86A353",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.01b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0188B18D-0F09-4CC6-A528-ADE432233C90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.20b:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D24478B-239A-4646-A664-5B1A4EE6D973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF77DA91-EF59-46ED-9EB6-E405ED53B983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E35EE5-BDF4-4444-9427-743C1674E9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1A2DFDA-5569-4D5D-8853-B067AE56F1A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.30b:*:*:*:*:*:*:*",
              "matchCriteriaId": "75C6B9BE-82AB-4A31-BA1C-EBDF1C16A370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3420702-4410-4421-BB1E-C8CABFDA9074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D4D7922-1832-405C-9263-B3AA06C7FC9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.33b:*:*:*:*:*:*:*",
              "matchCriteriaId": "7022DD3E-AEBC-4F72-8BA8-F9EBE7410BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "01AF50B2-3473-43F8-BA67-F97CD19FA9FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBDB2D82-61E8-4540-849B-B026AE64EB44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF622DBD-50C2-46BE-B029-9CE15E3B05F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "4345A74B-0946-4F81-9C37-0263B521B50F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE678A7B-5BD3-4830-9EE2-28AB71E8A21C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "A23B64DA-B893-479A-94B6-39D826E6900B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "843DD86D-7030-4E19-AD84-33A73F6F26D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6FA9AB-0F06-4CA1-BF5A-CD39D0AED14C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "661251D1-92FF-409F-AA56-949630ADD2B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "75792F99-A17E-4F1B-B8BE-D8B75C040BD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BEB1AB1-6780-4043-A7EE-3F6A6D5E1BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5A0580-93F3-4734-8578-BBE2BA5D9FCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "B54CAF04-1129-43C0-9048-C34056338CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BB873E-EFC8-4FF6-A0D7-3F6C79F50EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "56081A7B-356F-4B53-8527-01C1EDA187D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF9B2A27-8CF5-47CF-B720-74634407C3A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C411E94-EBD9-4714-9900-CEBA62B6A036",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C0B207-A92E-4485-A7D7-9B0C8C975959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9F2770-8A1A-4272-8B80-6543E214C171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A42ED0A-8245-4852-ABE5-A7728CBFEFA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4DDD0A8-4D27-48FF-BBEF-52AA116763CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7537663-CA21-4D35-A96C-579AE7014727",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "34141E6D-C36B-45D0-BAEF-BBEA7E3CC93A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB4C97C-6B54-4364-A112-3E6A78524D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB9CEE3-2F3F-41E1-B97E-A3070DFCD1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "98EFE84C-3D95-4CCC-8D86-01C3B46D9A3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "741E8301-04BF-4B96-9443-3687BB8A6DAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F129F3-C149-4878-905D-E0ECD4FA926E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F22EDFD-6777-4DF8-BAF5-826C6539DFDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.79.0.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F2B7D48-F446-435B-B5EE-503D96710FB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "573F1165-2FB0-4F70-9D06-0ABF9241E5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.3.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "72ED63CE-462E-4AF1-BE64-E45BB0091451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.8.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "B72A19B2-AA9E-4CFF-842C-1F1FF7AC09E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7079EF9-3DE0-4ECE-8727-73191B8A959C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.81.0.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D6687F6-900C-465D-A76E-45205FE32F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "30033295-5737-4DB2-9E2D-7971D9E51765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "17B1422B-DFF0-46B4-8CB3-C78E355973F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC391FE6-36C6-4FC0-8FDE-EE7746446AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "79859933-97B2-4169-B389-EF5AAE92741B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."
    },
    {
      "lang": "es",
      "value": "En Lenovo Active Protection System anterior a versi\u00f3n 1.82.0.14, un atacante con privilegios locales podr\u00eda enviar comandos al controlador integrado del sistema, lo que podr\u00eda causar un ataque de denegaci\u00f3n de servicio sobre el sistema o la capacidad de alterar la funcionalidad del hardware."
    }
  ],
  "id": "CVE-2017-3740",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-04T21:29:00.357",
  "references": [
    {
      "source": "psirt@lenovo.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
    }
  ],
  "sourceIdentifier": "psirt@lenovo.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-08613

Vulnerability from cnvd - Published: 2017-06-07

Title

Lenovo Thinkpad Active Protection System权限提升漏洞

Description

Lenovo Thinkpad是中国联想（Lenovo）公司旗下的便携式计算机。Active Protection System是一个用于保护硬盘驱动程序器免受由强烈的物理震动和振动所导致的损坏的自主功能部件。 Lenovo Thinkpad中的Active Protection System 1.82.0.14之前的版本中存在权限提升漏洞。攻击者可通过向系统嵌入的控制器发送命令利用该漏洞对系统实施拒绝服务攻击，或更改硬件功能。

Severity

低

Patch Name

Lenovo Thinkpad Active Protection System权限提升漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://support.lenovo.com/us/zh/product_security/len-13637

Reference

https://support.lenovo.com/us/zh/product_security/len-13637

Impacted products

Name
Lenovo ThinkPad Active Protection System <=1.82.0.14

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-3740"
    }
  },
  "description": "Lenovo Thinkpad\u662f\u4e2d\u56fd\u8054\u60f3\uff08Lenovo\uff09\u516c\u53f8\u65d7\u4e0b\u7684\u4fbf\u643a\u5f0f\u8ba1\u7b97\u673a\u3002Active Protection System\u662f\u4e00\u4e2a\u7528\u4e8e\u4fdd\u62a4\u786c\u76d8\u9a71\u52a8\u7a0b\u5e8f\u5668\u514d\u53d7\u7531\u5f3a\u70c8\u7684\u7269\u7406\u9707\u52a8\u548c\u632f\u52a8\u6240\u5bfc\u81f4\u7684\u635f\u574f\u7684\u81ea\u4e3b\u529f\u80fd\u90e8\u4ef6\u3002\r\n\r\nLenovo Thinkpad\u4e2d\u7684Active Protection System 1.82.0.14\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u7cfb\u7edf\u5d4c\u5165\u7684\u63a7\u5236\u5668\u53d1\u9001\u547d\u4ee4\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u7cfb\u7edf\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\uff0c\u6216\u66f4\u6539\u786c\u4ef6\u529f\u80fd\u3002",
  "discovererName": "Lenovo",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://support.lenovo.com/us/zh/product_security/len-13637",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-08613",
  "openTime": "2017-06-07",
  "patchDescription": "Lenovo Thinkpad\u662f\u4e2d\u56fd\u8054\u60f3\uff08Lenovo\uff09\u516c\u53f8\u65d7\u4e0b\u7684\u4fbf\u643a\u5f0f\u8ba1\u7b97\u673a\u3002Active Protection System\u662f\u4e00\u4e2a\u7528\u4e8e\u4fdd\u62a4\u786c\u76d8\u9a71\u52a8\u7a0b\u5e8f\u5668\u514d\u53d7\u7531\u5f3a\u70c8\u7684\u7269\u7406\u9707\u52a8\u548c\u632f\u52a8\u6240\u5bfc\u81f4\u7684\u635f\u574f\u7684\u81ea\u4e3b\u529f\u80fd\u90e8\u4ef6\u3002\r\n\r\nLenovo Thinkpad\u4e2d\u7684Active Protection System 1.82.0.14\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u7cfb\u7edf\u5d4c\u5165\u7684\u63a7\u5236\u5668\u53d1\u9001\u547d\u4ee4\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9\u7cfb\u7edf\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\uff0c\u6216\u66f4\u6539\u786c\u4ef6\u529f\u80fd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Lenovo Thinkpad Active Protection System\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Lenovo ThinkPad Active Protection System \u003c=1.82.0.14"
  },
  "referenceLink": "https://support.lenovo.com/us/zh/product_security/len-13637",
  "serverity": "\u4f4e",
  "submitTime": "2017-06-06",
  "title": "Lenovo Thinkpad Active Protection System\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

VAR-201706-0352

Vulnerability from variot - Updated: 2025-04-20 23:37

In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality. Lenovo Active Protection System Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. LenovoThinkpad is a portable computer under the Lenovo China company. ActiveProtectionSystem is an autonomous feature that protects the hard drive from damage caused by strong physical shock and vibration. A privilege elevation vulnerability exists in versions of ActiveProtectionSystem prior to 1.82.0.14 in Lenovo Thinkpad

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0352",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.63"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.73"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.82.0.10"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.74"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.70"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.71"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.82.0.07"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.72"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.75"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "1.80.11.00"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.62"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.21"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.32"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.20"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.26"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.82.0.06"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.53"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.82.0.03"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.40"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.33b"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.61"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.9"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.23"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.78.0.11"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80.8.00"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.5"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.52"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.81.0.08"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.8"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.7"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.78.0.10"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.76"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.79.0.03"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.00b"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.54"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.41"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.64"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.22"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.30b"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.01b"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.31"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80.3.00"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.80.1.00"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.51"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.34"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.77.0.11"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.20b"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.78.0.09"
      },
      {
        "model": "active protection system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lenovo",
        "version": "1.50"
      },
      {
        "model": "active protection system",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "lenovo",
        "version": "1.82.0.14"
      },
      {
        "model": "thinkpad active protection system",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "lenovo",
        "version": "\u003c=1.82.0.14"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:lenovo:active_protection_system",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      }
    ]
  },
  "cve": "CVE-2017-3740",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-3740",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2017-08613",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-111943",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "id": "CVE-2017-3740",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-3740",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-3740",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-08613",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201706-089",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-111943",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality. Lenovo Active Protection System Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. LenovoThinkpad is a portable computer under the Lenovo China company. ActiveProtectionSystem is an autonomous feature that protects the hard drive from damage caused by strong physical shock and vibration. A privilege elevation vulnerability exists in versions of ActiveProtectionSystem prior to 1.82.0.14 in Lenovo Thinkpad",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-3740",
        "trust": 3.1
      },
      {
        "db": "LENOVO",
        "id": "LEN-13637",
        "trust": 2.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "id": "VAR-201706-0352",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      }
    ],
    "trust": 1.2833333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:37:55.339000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LEN-13637",
        "trust": 0.8,
        "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
      },
      {
        "title": "LenovoThinkpadActiveProtectionSystem privilege escalation vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/94931"
      },
      {
        "title": "Lenovo Thinkpad Active Protection System Fixes for permission permissions and access control vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70750"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-13637"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3740"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-3740"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/zh/product_security/len-13637"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "date": "2017-06-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "date": "2017-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "date": "2017-06-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "date": "2017-06-04T21:29:00.357000",
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-08613"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-111943"
      },
      {
        "date": "2017-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-3740"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Lenovo Active Protection System Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004695"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-089"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-3740 (GCVE-0-2017-3740)

GHSA-JJ4C-V9G6-VG2X

GSD-2017-3740

FKIE_CVE-2017-3740

CNVD-2017-08613

VAR-201706-0352

Tags

Sightings

Nomenclature