CVE-2021-3616

CRITICAL

Lenovo Smart Camera X3/X5/C2E < 01.03.29.16 - Unauthenticated Info Disclosure & Firmware Modification

Title source: llm
STIX 2.1

Description

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://iknow.lenovo.com.cn/detail/dc_198417.html
Not Applicable x_refsource_misc
https://www.cnvd.org.cn/flaw/show/CNVD-2020-68651

Scores

CVSS v3 9.4
EPSS 0.0026
EPSS Percentile 49.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Details

CWE
CWE-285
Status published
Products (3)
lenovo/smart_camera_c2e_firmware < 01.03.29.16
lenovo/smart_camera_x3_firmware < 01.03.29.16
lenovo/smart_camera_x5_firmware < 01.03.29.16
Published Aug 17, 2021
Tracked Since Feb 18, 2026