CVE-2021-3615

MEDIUM

Lenovo Smart Camera X3 X5 C2E Firmware < 01.03.29.16 - Code Execution via SD Card File

Title source: llm
STIX 2.1

Description

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://iknow.lenovo.com.cn/detail/dc_198417.html
Not Applicable x_refsource_misc
https://www.cnvd.org.cn/flaw/show/CNVD-2021-45262

Scores

CVSS v3 6.6
EPSS 0.0006
EPSS Percentile 17.8%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (3)
lenovo/smart_camera_c2e_firmware < 01.03.29.16
lenovo/smart_camera_x3_firmware < 01.03.29.16
lenovo/smart_camera_x5_firmware < 01.03.29.16
Published Aug 17, 2021
Tracked Since Feb 18, 2026