HIGHCVE-2026-0421Published Modified CNA lenovo
CVE-2026-0421: A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.
Metrics
- CVSS v4.0
- 7.0
- Severity
- HIGH
- Fixed in
- 1.06
- Affected Products
- 4
Fix available
1.061.10
Affected packages
- Lenovo / ThinkPad L13 Gen 6 BIOS< 1.10 (from 0)
- Lenovo / ThinkPad L13 Gen 6 2 in 1 BIOS< 1.10 (from 0)
- Lenovo / ThinkPad L14 Gen 6 BIOS< 1.06 (from 0)
- Lenovo / ThinkPad L16 Gen 2 BIOS< 1.06 (from 0)
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences