![lenovo sata drivers windows 10 lenovo sata drivers windows 10](https://helgeklein.com/wp-content/uploads/2016/06/Lenovo-Yoga-900-under-the-cover-2.jpg)
![lenovo sata drivers windows 10 lenovo sata drivers windows 10](https://tencomputer.com/wp-content/uploads/2018/11/update-display-driver-in-driver-booster.jpg)
CVE-2021-3970 LenovoVariableSmm – SMM arbitrary read/write.Lenovo confirmed the vulnerabilities on November 17 th, 2021, and assigned them the following CVEs: The list of such EODS devices that we have been able to identify will be available in ESET’s vulnerability disclosures repository. This includes devices where we spotted reported vulnerabilities for the first time: Ideapad 330-15IGM and Ideapad 110-15IGR. In addition to the models listed in the advisory, several other devices we reported to Lenovo are also affected, but won’t be fixed due to them reaching End Of Development Support (EODS).
LENOVO SATA DRIVERS WINDOWS 10 FULL
The full list of affected models with active development support is published in the Lenovo Advisory. Altogether, the list of affected devices contains more than one hundred different consumer laptop models with millions of users worldwide, from affordable models like Ideapad-3 to more advanced ones like Legion 5 Pro-16ACH6 H or Yoga Slim 9-14ITL05. We reported all discovered vulnerabilities to Lenovo on October 11 th, 2021.
LENOVO SATA DRIVERS WINDOWS 10 CODE
This vulnerability allows arbitrary read/write from/into SMRAM, which can lead to the execution of malicious code with SMM privileges and potentially lead to the deployment of an SPI flash implant. In addition, while investigating above mentioned vulnerable drivers, we discovered the third vulnerability: SMM memory corruption inside the SW SMI handler function ( CVE-2021-3970). As it turned out, their functionality was even more interesting and could be abused to disable UEFI Secure Boot ( CVE-2021-3972). After some initial analysis, we discovered other Lenovo drivers sharing a few common characteristics with the SecureBackDoor* drivers: ChgBootDxeHook and ChgBootSmm. These drivers immediately caught our attention by their very unfortunate (but surprisingly honest) names: SecureBackDoor and SecureBackDoorPeim. To understand how we were able to find these vulnerabilities, consider the firmware drivers affected by CVE‑2021-3971.
![lenovo sata drivers windows 10 lenovo sata drivers windows 10](https://insyncmicro.com/47972-large_default/lenovo-04x4424-serial-ata-iii-solid-state-drive.jpg)
It means that exploitation of these vulnerabilities would allow attackers to deploy and successfully execute SPI flash or ESP implants, like LoJax or our latest UEFI malware discovery ESPecter, on the affected devices. These affected firmware drivers can be activated by attacker to directly disable SPI flash protections (BIOS Control Register bits and Protected Range registers) or the UEFI Secure Boot feature from a privileged user-mode process during OS runtime. Unfortunately, they were mistakenly included also in the production BIOS images without being properly deactivated. The first two of these vulnerabilities – CVE-2021-3971, CVE-2021-3972 – affect UEFI firmware drivers originally meant to be used only during the manufacturing process of Lenovo consumer notebooks. ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malwareĮSET researchers have discovered and analyzed three vulnerabilities affecting various Lenovo consumer laptop models.