CVE-2021-42852 - Lenovo A1 Firmware, Lenovo T2 Firmware and Lenovo T2pro Firmware

Critical 8.0

A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.

Affected software

Lenovo A1 Firmware

Lenovo T2 Firmware

Lenovo T2pro Firmware

Lenovo T1 Firmware

Lenovo X1 Firmware

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.