Lenovo patches UEFI firmware vulnerabilities impacting millions of users

19-Apr-22

The vulnerabilities, dubbed CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, were discovered by ESET researcher Martin Smoler and could be used to deploy and successfully execute UEFI malware either in the form of SPI flash implants like LoJax or ESP implants like ESPecter in the Lenovo Notebook BIOS.

Malicious operations are loaded early in the boot phase on a hacked device. This implies malware can tamper with configuration data, establish persistence, and possibly circumvent security safeguards that are only loaded at the OS level. Read More…