FKIE_CVE-2017-3740
Vulnerability from fkie_nvd - Published: 2017-06-04 21:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.00b:*:*:*:*:*:*:*",
"matchCriteriaId": "F61BE078-322A-45B1-BC57-0A667A86A353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.01b:*:*:*:*:*:*:*",
"matchCriteriaId": "0188B18D-0F09-4CC6-A528-ADE432233C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.20b:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24478B-239A-4646-A664-5B1A4EE6D973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FF77DA91-EF59-46ED-9EB6-E405ED53B983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "49E35EE5-BDF4-4444-9427-743C1674E9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A2DFDA-5569-4D5D-8853-B067AE56F1A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.30b:*:*:*:*:*:*:*",
"matchCriteriaId": "75C6B9BE-82AB-4A31-BA1C-EBDF1C16A370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C3420702-4410-4421-BB1E-C8CABFDA9074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2D4D7922-1832-405C-9263-B3AA06C7FC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.33b:*:*:*:*:*:*:*",
"matchCriteriaId": "7022DD3E-AEBC-4F72-8BA8-F9EBE7410BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "01AF50B2-3473-43F8-BA67-F97CD19FA9FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDB2D82-61E8-4540-849B-B026AE64EB44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "BF622DBD-50C2-46BE-B029-9CE15E3B05F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.50:*:*:*:*:*:*:*",
"matchCriteriaId": "4345A74B-0946-4F81-9C37-0263B521B50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.51:*:*:*:*:*:*:*",
"matchCriteriaId": "EE678A7B-5BD3-4830-9EE2-28AB71E8A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.52:*:*:*:*:*:*:*",
"matchCriteriaId": "A23B64DA-B893-479A-94B6-39D826E6900B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.53:*:*:*:*:*:*:*",
"matchCriteriaId": "843DD86D-7030-4E19-AD84-33A73F6F26D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.54:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6FA9AB-0F06-4CA1-BF5A-CD39D0AED14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.61:*:*:*:*:*:*:*",
"matchCriteriaId": "661251D1-92FF-409F-AA56-949630ADD2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.62:*:*:*:*:*:*:*",
"matchCriteriaId": "75792F99-A17E-4F1B-B8BE-D8B75C040BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEB1AB1-6780-4043-A7EE-3F6A6D5E1BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.64:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5A0580-93F3-4734-8578-BBE2BA5D9FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "B54CAF04-1129-43C0-9048-C34056338CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.71:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BB873E-EFC8-4FF6-A0D7-3F6C79F50EE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "56081A7B-356F-4B53-8527-01C1EDA187D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.73:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9B2A27-8CF5-47CF-B720-74634407C3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.74:*:*:*:*:*:*:*",
"matchCriteriaId": "3C411E94-EBD9-4714-9900-CEBA62B6A036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.75:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C0B207-A92E-4485-A7D7-9B0C8C975959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9F2770-8A1A-4272-8B80-6543E214C171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A42ED0A-8245-4852-ABE5-A7728CBFEFA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DDD0A8-4D27-48FF-BBEF-52AA116763CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C7537663-CA21-4D35-A96C-579AE7014727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "34141E6D-C36B-45D0-BAEF-BBEA7E3CC93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB4C97C-6B54-4364-A112-3E6A78524D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB9CEE3-2F3F-41E1-B97E-A3070DFCD1AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "98EFE84C-3D95-4CCC-8D86-01C3B46D9A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "741E8301-04BF-4B96-9443-3687BB8A6DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F129F3-C149-4878-905D-E0ECD4FA926E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F22EDFD-6777-4DF8-BAF5-826C6539DFDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.79.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2B7D48-F446-435B-B5EE-503D96710FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "573F1165-2FB0-4F70-9D06-0ABF9241E5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED63CE-462E-4AF1-BE64-E45BB0091451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "B72A19B2-AA9E-4CFF-842C-1F1FF7AC09E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "D7079EF9-3DE0-4ECE-8727-73191B8A959C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.81.0.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6687F6-900C-465D-A76E-45205FE32F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "30033295-5737-4DB2-9E2D-7971D9E51765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "17B1422B-DFF0-46B4-8CB3-C78E355973F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.07:*:*:*:*:*:*:*",
"matchCriteriaId": "BC391FE6-36C6-4FC0-8FDE-EE7746446AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "79859933-97B2-4169-B389-EF5AAE92741B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system\u0027s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."
},
{
"lang": "es",
"value": "En Lenovo Active Protection System anterior a versi\u00f3n 1.82.0.14, un atacante con privilegios locales podr\u00eda enviar comandos al controlador integrado del sistema, lo que podr\u00eda causar un ataque de denegaci\u00f3n de servicio sobre el sistema o la capacidad de alterar la funcionalidad del hardware."
}
],
"id": "CVE-2017-3740",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-04T21:29:00.357",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-13637"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…