CVE-2017-3740

Published Jun 4, 2017
Last updated 20 days ago
CVSS medium 5.5
Overview

Description: In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
Source: psirt@lenovo.com
NVD status: Deferred
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.00b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F61BE078-322A-45B1-BC57-0A667A86A353"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.01b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0188B18D-0F09-4CC6-A528-ADE432233C90"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.20b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D24478B-239A-4646-A664-5B1A4EE6D973"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF77DA91-EF59-46ED-9EB6-E405ED53B983"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49E35EE5-BDF4-4444-9427-743C1674E9E2"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1A2DFDA-5569-4D5D-8853-B067AE56F1A6"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.30b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75C6B9BE-82AB-4A31-BA1C-EBDF1C16A370"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3420702-4410-4421-BB1E-C8CABFDA9074"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D4D7922-1832-405C-9263-B3AA06C7FC9E"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.33b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7022DD3E-AEBC-4F72-8BA8-F9EBE7410BA8"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01AF50B2-3473-43F8-BA67-F97CD19FA9FE"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBDB2D82-61E8-4540-849B-B026AE64EB44"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF622DBD-50C2-46BE-B029-9CE15E3B05F0"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4345A74B-0946-4F81-9C37-0263B521B50F"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE678A7B-5BD3-4830-9EE2-28AB71E8A21C"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.52:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A23B64DA-B893-479A-94B6-39D826E6900B"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "843DD86D-7030-4E19-AD84-33A73F6F26D6"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C6FA9AB-0F06-4CA1-BF5A-CD39D0AED14C"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.61:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "661251D1-92FF-409F-AA56-949630ADD2B1"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.62:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75792F99-A17E-4F1B-B8BE-D8B75C040BD9"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BEB1AB1-6780-4043-A7EE-3F6A6D5E1BCA"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.64:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C5A0580-93F3-4734-8578-BBE2BA5D9FCF"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B54CAF04-1129-43C0-9048-C34056338CB7"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.71:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8BB873E-EFC8-4FF6-A0D7-3F6C79F50EE4"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56081A7B-356F-4B53-8527-01C1EDA187D1"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF9B2A27-8CF5-47CF-B720-74634407C3A1"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.74:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C411E94-EBD9-4714-9900-CEBA62B6A036"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8C0B207-A92E-4485-A7D7-9B0C8C975959"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.76:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D9F2770-8A1A-4272-8B80-6543E214C171"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A42ED0A-8245-4852-ABE5-A7728CBFEFA1"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4DDD0A8-4D27-48FF-BBEF-52AA116763CA"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7537663-CA21-4D35-A96C-579AE7014727"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34141E6D-C36B-45D0-BAEF-BBEA7E3CC93A"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EB4C97C-6B54-4364-A112-3E6A78524D0A"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADB9CEE3-2F3F-41E1-B97E-A3070DFCD1AB"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98EFE84C-3D95-4CCC-8D86-01C3B46D9A3A"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.09:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "741E8301-04BF-4B96-9443-3687BB8A6DAC"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8F129F3-C149-4878-905D-E0ECD4FA926E"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F22EDFD-6777-4DF8-BAF5-826C6539DFDD"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.79.0.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2B7D48-F446-435B-B5EE-503D96710FB0"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.1.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "573F1165-2FB0-4F70-9D06-0ABF9241E5A1"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.3.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72ED63CE-462E-4AF1-BE64-E45BB0091451"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.8.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B72A19B2-AA9E-4CFF-842C-1F1FF7AC09E7"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.11.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7079EF9-3DE0-4ECE-8727-73191B8A959C"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.81.0.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D6687F6-900C-465D-A76E-45205FE32F5E"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30033295-5737-4DB2-9E2D-7971D9E51765"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17B1422B-DFF0-46B4-8CB3-C78E355973F8"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC391FE6-36C6-4FC0-8FDE-EE7746446AC9"
          },
          {
            "criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79859933-97B2-4169-B389-EF5AAE92741B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
