{"containers": {"cna": {"affected": [{"product": "Active Protection System", "vendor": "Lenovo Group Ltd.", "versions": [{"status": "affected", "version": "Earlier than 1.82.0.14"}]}], "datePublic": "2017-04-27T00:00:00", "descriptions": [{"lang": "en", "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-02T23:57:01", "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@lenovo.com", "ID": "CVE-2017-3740", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Active Protection System", "version": {"version_data": [{"version_value": "Earlier than 1.82.0.14"}]}}]}, "vendor_name": "Lenovo Group Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://support.lenovo.com/us/en/product_security/LEN-13637", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"}]}}}}, "cveMetadata": {"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "assignerShortName": "lenovo", "cveId": "CVE-2017-3740", "datePublished": "2017-06-03T00:00:00", "dateReserved": "2016-12-16T00:00:00", "dateUpdated": "2017-06-02T23:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.00b:*:*:*:*:*:*:*", "matchCriteriaId": "F61BE078-322A-45B1-BC57-0A667A86A353", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.01b:*:*:*:*:*:*:*", "matchCriteriaId": "0188B18D-0F09-4CC6-A528-ADE432233C90", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.20b:*:*:*:*:*:*:*", "matchCriteriaId": "1D24478B-239A-4646-A664-5B1A4EE6D973", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "FF77DA91-EF59-46ED-9EB6-E405ED53B983", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "49E35EE5-BDF4-4444-9427-743C1674E9E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.23:*:*:*:*:*:*:*", "matchCriteriaId": "F1A2DFDA-5569-4D5D-8853-B067AE56F1A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.30b:*:*:*:*:*:*:*", "matchCriteriaId": "75C6B9BE-82AB-4A31-BA1C-EBDF1C16A370", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.31:*:*:*:*:*:*:*", "matchCriteriaId": "C3420702-4410-4421-BB1E-C8CABFDA9074", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.32:*:*:*:*:*:*:*", "matchCriteriaId": "2D4D7922-1832-405C-9263-B3AA06C7FC9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.33b:*:*:*:*:*:*:*", "matchCriteriaId": "7022DD3E-AEBC-4F72-8BA8-F9EBE7410BA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.34:*:*:*:*:*:*:*", "matchCriteriaId": "01AF50B2-3473-43F8-BA67-F97CD19FA9FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.40:*:*:*:*:*:*:*", "matchCriteriaId": "FBDB2D82-61E8-4540-849B-B026AE64EB44", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.41:*:*:*:*:*:*:*", "matchCriteriaId": "BF622DBD-50C2-46BE-B029-9CE15E3B05F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.50:*:*:*:*:*:*:*", "matchCriteriaId": "4345A74B-0946-4F81-9C37-0263B521B50F", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.51:*:*:*:*:*:*:*", "matchCriteriaId": "EE678A7B-5BD3-4830-9EE2-28AB71E8A21C", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.52:*:*:*:*:*:*:*", "matchCriteriaId": "A23B64DA-B893-479A-94B6-39D826E6900B", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.53:*:*:*:*:*:*:*", "matchCriteriaId": "843DD86D-7030-4E19-AD84-33A73F6F26D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.54:*:*:*:*:*:*:*", "matchCriteriaId": "0C6FA9AB-0F06-4CA1-BF5A-CD39D0AED14C", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.61:*:*:*:*:*:*:*", "matchCriteriaId": "661251D1-92FF-409F-AA56-949630ADD2B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.62:*:*:*:*:*:*:*", "matchCriteriaId": "75792F99-A17E-4F1B-B8BE-D8B75C040BD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.63:*:*:*:*:*:*:*", "matchCriteriaId": "1BEB1AB1-6780-4043-A7EE-3F6A6D5E1BCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.64:*:*:*:*:*:*:*", "matchCriteriaId": "4C5A0580-93F3-4734-8578-BBE2BA5D9FCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.70:*:*:*:*:*:*:*", "matchCriteriaId": "B54CAF04-1129-43C0-9048-C34056338CB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.71:*:*:*:*:*:*:*", "matchCriteriaId": "C8BB873E-EFC8-4FF6-A0D7-3F6C79F50EE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.72:*:*:*:*:*:*:*", "matchCriteriaId": "56081A7B-356F-4B53-8527-01C1EDA187D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.73:*:*:*:*:*:*:*", "matchCriteriaId": "CF9B2A27-8CF5-47CF-B720-74634407C3A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.74:*:*:*:*:*:*:*", "matchCriteriaId": "3C411E94-EBD9-4714-9900-CEBA62B6A036", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.75:*:*:*:*:*:*:*", "matchCriteriaId": "B8C0B207-A92E-4485-A7D7-9B0C8C975959", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.76:*:*:*:*:*:*:*", "matchCriteriaId": "2D9F2770-8A1A-4272-8B80-6543E214C171", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6A42ED0A-8245-4852-ABE5-A7728CBFEFA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C4DDD0A8-4D27-48FF-BBEF-52AA116763CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "C7537663-CA21-4D35-A96C-579AE7014727", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "34141E6D-C36B-45D0-BAEF-BBEA7E3CC93A", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EB4C97C-6B54-4364-A112-3E6A78524D0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADB9CEE3-2F3F-41E1-B97E-A3070DFCD1AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.77.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "98EFE84C-3D95-4CCC-8D86-01C3B46D9A3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.09:*:*:*:*:*:*:*", "matchCriteriaId": "741E8301-04BF-4B96-9443-3687BB8A6DAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "C8F129F3-C149-4878-905D-E0ECD4FA926E", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.78.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "2F22EDFD-6777-4DF8-BAF5-826C6539DFDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.79.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "5F2B7D48-F446-435B-B5EE-503D96710FB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.1.00:*:*:*:*:*:*:*", "matchCriteriaId": "573F1165-2FB0-4F70-9D06-0ABF9241E5A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.3.00:*:*:*:*:*:*:*", "matchCriteriaId": "72ED63CE-462E-4AF1-BE64-E45BB0091451", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.8.00:*:*:*:*:*:*:*", "matchCriteriaId": "B72A19B2-AA9E-4CFF-842C-1F1FF7AC09E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.80.11.00:*:*:*:*:*:*:*", "matchCriteriaId": "D7079EF9-3DE0-4ECE-8727-73191B8A959C", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.81.0.08:*:*:*:*:*:*:*", "matchCriteriaId": "4D6687F6-900C-465D-A76E-45205FE32F5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "30033295-5737-4DB2-9E2D-7971D9E51765", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.06:*:*:*:*:*:*:*", "matchCriteriaId": "17B1422B-DFF0-46B4-8CB3-C78E355973F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.07:*:*:*:*:*:*:*", "matchCriteriaId": "BC391FE6-36C6-4FC0-8FDE-EE7746446AC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:lenovo:active_protection_system:1.82.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "79859933-97B2-4169-B389-EF5AAE92741B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality."}, {"lang": "es", "value": "En Lenovo Active Protection System anterior a versi\u00f3n 1.82.0.14, un atacante con privilegios locales podr\u00eda enviar comandos al controlador integrado del sistema, lo que podr\u00eda causar un ataque de denegaci\u00f3n de servicio sobre el sistema o la capacidad de alterar la funcionalidad del hardware."}], "id": "CVE-2017-3740", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-04T21:29:00.357", "references": [{"source": "psirt@lenovo.com", "tags": ["Vendor Advisory"], "url": "https://support.lenovo.com/us/en/product_security/LEN-13637"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}