CVE-2026-0421

High CVSS: 7.0

A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.

Vendor

Product

CWE

CWE-252

Yayın Tarihi

2026-01-14 23:15:56

Güncelleme

2026-01-16 15:55:33

Source Identifier

psirt@lenovo.com

KEV Date Added

Kategoriler

CWE-252 HIGH 2026

Referanslar

https://support.lenovo.com/us/en/product_security/LEN-210688