Lenovo BIOS Vulnerabilities Audit

Find Devices Vulnerable to Lenovo BIOS Vulnerabilities

Lenovo disclosed information on 3 vulnerabilities affecting multiple Lenovo models.

  • CVE-2021-3970: A potential vulnerability in the LenovoVariable SMI Handler, due to insufficient validation in some Lenovo Notebook models, may allow an attacker with local access and elevated privileges to execute arbitrary code.
  • CVE-2021-3971: A potential vulnerability in a driver used during older manufacturing processes on some consumer Lenovo Notebook devices, which was mistakenly included in the BIOS image, could allow an attacker with elevated privileges to modify the firmware protection region by modifying an NVRAM variable.
  • CVE-2021-3972: A potential vulnerability in a driver used during the manufacturing process on some consumer Lenovo Notebook devices, which was mistakenly not deactivated, may allow an attacker with elevated privileges to modify the secure boot setting by modifying an NVRAM variable.

Lenovo released new BIOS versions for all affected devices. The report below provides a list of all affected Lenovo models along with their BIOS details.

Lenovo BIOS Vulnerabilities Audit Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.Version,
tblBIOS.Caption,
tblBIOS.SMBIOSBIOSVersion, 
tblBIOS.SMBIOSMajorVersion, 
tblBIOS.SMBIOSMinorVersion, 
tblBIOS.ReleaseDate,
Case
When tblErrors.ErrorText Is Not Null And
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left join tblBIOS on tblbios.AssetID = tblassets.AssetID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblState.Statename = 'Active' and tblAssetCustom.Manufacturer like '%lenovo%' and 
(tblAssetCustom.Model like '%Flex%3%11ADA05%' or
tblAssetCustom.Model like '%IdeaPad%3%15ADA05%' or
tblAssetCustom.Model like '%IdeaPad%3%14ADA05%' or
tblAssetCustom.Model like '%IdeaPad%3%14ADA6%' or
tblAssetCustom.Model like '%IdeaPad%3%14ALC6%' or
tblAssetCustom.Model like '%IdeaPad%3%14ARE05%' or
tblAssetCustom.Model like '%IdeaPad%3%15ADA6%' or
tblAssetCustom.Model like '%IdeaPad%3%15ALC6%' or
tblAssetCustom.Model like '%IdeaPad%3%15ARE05%' or
tblAssetCustom.Model like '%IdeaPad%3%15IGL05%' or
tblAssetCustom.Model like '%IdeaPad%3%17ADA05%' or
tblAssetCustom.Model like '%IdeaPad%3%17ADA6%' or
tblAssetCustom.Model like '%IdeaPad%3%17ALC6%' or
tblAssetCustom.Model like '%IdeaPad%3%17ARE05%' or
tblAssetCustom.Model like '%IdeaPad%3%17IIL05%' or
tblAssetCustom.Model like '%IdeaPad%3%17ITL6%' or
tblAssetCustom.Model like '%L3%15IML05%' or
tblAssetCustom.Model like '%L3%15ITL6%' or
tblAssetCustom.Model like '%L340%15IRH%Gaming%' or
tblAssetCustom.Model like '%L340%15IWL%' or
tblAssetCustom.Model like '%L340%15IWL%Touch%' or
tblAssetCustom.Model like '%L340%17IRH%Gaming%' or
tblAssetCustom.Model like '%L340%17IWL%' or
tblAssetCustom.Model like '%Legion%5%Pro%16ACH6%' or
tblAssetCustom.Model like '%Legion%5%Pro%16ACH6H%' or
tblAssetCustom.Model like '%Legion%5%Pro%16ITH6%' or
tblAssetCustom.Model like '%Legion%5%Pro%16ITH6H%' or
tblAssetCustom.Model like '%Legion%5%15ACH6%' or
tblAssetCustom.Model like '%Legion%5%15ACH6A%' or
tblAssetCustom.Model like '%Legion%5%15ACH6H%' or
tblAssetCustom.Model like '%Legion%5%15IMH6%' or
tblAssetCustom.Model like '%Legion%5%15ITH6%' or
tblAssetCustom.Model like '%Legion%5%15ITH6H%' or
tblAssetCustom.Model like '%Legion%5%17ACH6%' or
tblAssetCustom.Model like '%Legion%5%17ACH6H%' or
tblAssetCustom.Model like '%Legion%5%17ITH6%' or
tblAssetCustom.Model like '%Legion%5%17ITH6H%' or
tblAssetCustom.Model like '%Legion%7%16ACHg6%' or
tblAssetCustom.Model like '%Legion%7%16ITHg6%' or
tblAssetCustom.Model like '%Legion%S7%15ACH6%' or
tblAssetCustom.Model like '%Legion%S7%15ARH5%' or
tblAssetCustom.Model like '%Legion%S7%15IMH5%' or
tblAssetCustom.Model like '%Legion%Y540%15IRH%' or
tblAssetCustom.Model like '%Legion%Y540%15IRH%PG0%' or
tblAssetCustom.Model like '%Legion%Y540%17IRH%' or
tblAssetCustom.Model like '%Legion%Y540%17IRH%PG0%' or
tblAssetCustom.Model like '%Legion%Y545%' or
tblAssetCustom.Model like '%Legion%Y545%PG0%' or
tblAssetCustom.Model like '%Legion%Y7000%2019%' or
tblAssetCustom.Model like '%Legion%Y7000%2019%PG0%' or
tblAssetCustom.Model like '%Lenovo%S14%G2%ITL%' or
tblAssetCustom.Model like '%S145%14API%' or
tblAssetCustom.Model like '%S145%14AST%' or
tblAssetCustom.Model like '%S145%14IGM%' or
tblAssetCustom.Model like '%S145%14IIL%' or
tblAssetCustom.Model like '%S145%15API%' or
tblAssetCustom.Model like '%S145%15AST%' or
tblAssetCustom.Model like '%S145%15IGM%' or
tblAssetCustom.Model like '%S145%15IIL%' or
tblAssetCustom.Model like '%S540%13API%' or
tblAssetCustom.Model like '%S540%13IML%' or
tblAssetCustom.Model like '%Slim%7%Pro%14IHU5%' or
tblAssetCustom.Model like '%Slim%9%14ITL05%' or
tblAssetCustom.Model like '%V14%G1%IML%' or
tblAssetCustom.Model like '%V14%G2%ALC%' or
tblAssetCustom.Model like '%V14%G2%ITL%' or
tblAssetCustom.Model like '%V14%ADA%' or
tblAssetCustom.Model like '%V14%ARE%' or
tblAssetCustom.Model like '%V14%IGL%' or
tblAssetCustom.Model like '%V14%IIL%' or
tblAssetCustom.Model like '%V140%15IWL%' or
tblAssetCustom.Model like '%V15%G1%IML%' or
tblAssetCustom.Model like '%V15%G2%ALC%' or
tblAssetCustom.Model like '%V15%G2%ITL%' or
tblAssetCustom.Model like '%V15%ADA%' or
tblAssetCustom.Model like '%V15%IGL%' or
tblAssetCustom.Model like '%V15%IIL%' or
tblAssetCustom.Model like '%V17%G2%ITL%' or
tblAssetCustom.Model like '%V17%IIL%' or
tblAssetCustom.Model like '%V340%17IWL%' or
tblAssetCustom.Model like '%Yoga%7%14ACN6%' or
tblAssetCustom.Model like '%Yoga%C740%14IML%' or
tblAssetCustom.Model like '%Yoga%C740%15IML%' or
tblAssetCustom.Model like '%Yoga%C940%14IIL%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ACH5%D%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ACH5%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ACH5%O%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ACH5%OD%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ARH5%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14IHU5%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14IHU5%O%' or
tblAssetCustom.Model like '%Yoga%Slim%7%Pro%14ITL5%' or
tblAssetCustom.Model like '%Yoga%Slim%9%14ITL05%' or
tblAssetCustom.Model like '%ideapad%3%14IGL05%' or
tblAssetCustom.Model like '%ideapad%3%14IIL05%' or
tblAssetCustom.Model like '%ideapad%3%14IML05%' or
tblAssetCustom.Model like '%ideapad%3%14ITL05%' or
tblAssetCustom.Model like '%ideapad%3%14ITL6%' or
tblAssetCustom.Model like '%ideapad%3%15IIL05%' or
tblAssetCustom.Model like '%ideapad%3%15IML05%' or
tblAssetCustom.Model like '%ideapad%3%15ITL05%' or
tblAssetCustom.Model like '%ideapad%3%15ITL6%' or
tblAssetCustom.Model like '%ideapad%3%17IML05%' or
tblAssetCustom.Model like '%ideapad%5%15ARE05%' or
tblAssetCustom.Model like '%ideapad%5%15IIL05%' or
tblAssetCustom.Model like '%ideapad%Creator%5%15IMH05%' or
tblAssetCustom.Model like '%ideapad%Gaming%3%15ARH05%' or
tblAssetCustom.Model like '%ideapad%Gaming%3%15IMH05%')
Order By tblAssets.Domain,
tblAssets.AssetName
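
To triage the report's output, the rollup below (an added example, not part of the original Lansweeper report) groups active Lenovo assets by model and BIOS version, using only tables and columns that appear in the query above. It goes wider than the report by covering every Lenovo model, so re-apply the model list from the Where clause above to narrow it; the fixed BIOS versions are not listed on this page and must be taken from Lenovo's advisory.

```sql
-- Added example: one row per (model, BIOS version) instead of one row per asset,
-- so each distinct BIOS version only has to be checked against Lenovo's
-- fixed version once. Assumes the same Lansweeper schema as the report above.
Select Top 1000000 tblAssetCustom.Model,
  -- Assets with no tblBIOS row cannot be assessed; surface them explicitly
  -- rather than letting them disappear into a NULL group.
  Coalesce(tblBIOS.SMBIOSBIOSVersion, 'No BIOS data scanned') As BIOSVersion,
  Max(tblBIOS.ReleaseDate) As BIOSReleaseDate,
  Count(Distinct tblAssets.AssetID) As AssetCount,
  -- A very old value here means the BIOS data for this group may be stale.
  Min(tblAssets.Lastseen) As OldestLastSeen
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Left Join tblBIOS On tblBIOS.AssetID = tblAssets.AssetID
Where tblState.Statename = 'Active'
  And tblAssetCustom.Manufacturer Like '%lenovo%'
  -- To limit the rollup to the affected models, add the parenthesised
  -- "tblAssetCustom.Model like ..." list from the report above here with And.
Group By tblAssetCustom.Model,
  Coalesce(tblBIOS.SMBIOSBIOSVersion, 'No BIOS data scanned')
Order By tblAssetCustom.Model,
  BIOSVersion
```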

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action
