Secure Boot CVE-2026-0421
MEDIUMSeverity by source
AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.
AnalysisAI
Secure Boot bypass in iOS allows local privileged users to disable Secure Boot protections even when explicitly configured as enabled in BIOS, affecting systems with Secure Boot set to User Mode. An attacker with high-level system access and user interaction can circumvent boot-time security protections, potentially enabling unsigned code execution. No patch is currently available for this medium-severity vulnerability.
Technical ContextAI
Classified as CWE-252 (Unchecked Return Value). A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boot being disabled even when configured as “On” in the BIOS setup menu. This issue only affects systems where Secure Boot is set to User Mode.
Affected ProductsAI
A potential vulnerability was reported in the BIOS of L13 Gen 6, L13 Gen 6 2-in-1, L14 Gen 6, and L16 Gen 2 ThinkPads which could result in Secure Boo
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-252 – Unchecked Return Value
View allShare
External POC / Exploit Code
Leaving vuln.today