CVE-2020-8320 | Severity.io

Description

An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.

Related CPE's

lenovo

thinkpad_11e_yoga_gen_6_firmware

Vulnerable

lenovo

thinkpad_11e_yoga_gen_6

lenovo

thinkpad_11e_firmware

Vulnerable

lenovo

thinkpad_11e

lenovo

thinkpad_yoga_11e_3rd_gen_firmware

Vulnerable

lenovo

thinkpad_yoga_11e_3rd_gen

lenovo

thinkpad_yoga_11e_4th_gen_firmware

Vulnerable

lenovo

thinkpad_yoga_11e_4th_gen

lenovo

thinkpad_yoga_11e_5th_gen_firmware

Vulnerable

lenovo

thinkpad_yoga_11e_5th_gen

lenovo

thinkpad_13_2nd_gen_firmware

Vulnerable

Vulnerable

thinkpad_a275_firmware

Vulnerable

lenovo

thinkpad_a275

lenovo

thinkpad_a285_firmware

Vulnerable

lenovo

thinkpad_a285

lenovo

thinkpad_a475_firmware

Vulnerable

lenovo

thinkpad_a475

lenovo

thinkpad_a485_firmware

Vulnerable

lenovo

thinkpad_a485

lenovo

thinkpad_e14_firmware

Vulnerable

lenovo

thinkpad_e14

lenovo

thinkpad_e15_firmware

Vulnerable

lenovo

thinkpad_e15

lenovo

thinkpad_r14_firmware

Vulnerable

lenovo

thinkpad_r14

lenovo

thinkpad_s3_gen_2_firmware

Vulnerable

lenovo

thinkpad_s3_gen_2

lenovo

thinkpad_e455_firmware

Vulnerable

lenovo

thinkpad_e455

lenovo

thinkpad_e555_firmware

Vulnerable

lenovo

thinkpad_e555

lenovo

thinkpad_e460_firmware

Vulnerable

lenovo

thinkpad_e460

lenovo

thinkpad_e560_firmware

Vulnerable

lenovo

thinkpad_e560

lenovo

thinkpad_e465_firmware

Vulnerable

lenovo

thinkpad_e465

lenovo

thinkpad_e565_firmware

Vulnerable

lenovo

thinkpad_e565

lenovo

thinkpad_e470_firmware

Vulnerable

lenovo

thinkpad_e470

lenovo

thinkpad_e570_firmware

Vulnerable

lenovo

thinkpad_e570

lenovo

thinkpad_e475_firmware

Vulnerable

lenovo

thinkpad_e475

lenovo

thinkpad_e575_firmware

Vulnerable

lenovo

thinkpad_e575

lenovo

thinkpad_e480_firmware

Vulnerable

lenovo

thinkpad_e480

lenovo

thinkpad_e580_firmware

Vulnerable

lenovo

thinkpad_e580

lenovo

thinkpad_e485_firmware

Vulnerable

lenovo

thinkpad_e485

lenovo

thinkpad_e585_firmware

Vulnerable

lenovo

thinkpad_e585

lenovo

thinkpad_e490s_firmware

Vulnerable

Vulnerable

thinkpad_e490_firmware

Vulnerable

lenovo

thinkpad_e490

lenovo

thinkpad_e590_firmware

Vulnerable

lenovo

thinkpad_e590

lenovo

thinkpad_r490_firmware

Vulnerable

lenovo

thinkpad_r490

lenovo

thinkpad_r590_firmware

Vulnerable

lenovo

thinkpad_r590

lenovo

thinkpad_l13_firmware

Vulnerable

lenovo

thinkpad_l13

lenovo

thinkpad_l1415_firmware

Vulnerable

lenovo

thinkpad_l1415

lenovo

thinkpad_l380_firmware

Vulnerable

lenovo

thinkpad_l380

lenovo

thinkpad_s3_3rd_gen_firmware

Vulnerable

lenovo

thinkpad_s3_3rd_gen

lenovo

thinkpad_l380_yoga_firmware

Vulnerable

lenovo

thinkpad_l380_yoga

lenovo

thinkpad_s2_yoga_3rd_gen_firmware

Vulnerable

lenovo

thinkpad_s2_yoga_3rd_gen

lenovo

thinkpad_l390_yoga_firmware

Vulnerable

lenovo

thinkpad_l390_yoga

lenovo

thinkpad_s2_yoga_4th_gen_firmware

Vulnerable

lenovo

thinkpad_s2_yoga_4th_gen

lenovo

thinkpad_l460_firmware

Vulnerable

lenovo

thinkpad_l460

lenovo

thinkpad_l470_firmware

Vulnerable

lenovo

thinkpad_l470

lenovo

thinkpad_l480_firmware

Vulnerable

lenovo

thinkpad_l480

lenovo

thinkpad_l580_firmware

Vulnerable

lenovo

thinkpad_l580

lenovo

thinkpad_l490_firmware

Vulnerable

lenovo

thinkpad_l490

lenovo

thinkpad_l590_firmware

Vulnerable

lenovo

thinkpad_l590

lenovo

thinkpad_l560_firmware

Vulnerable

lenovo

thinkpad_l560

lenovo

thinkpad_l570_firmware

Vulnerable

Vulnerable

thinkpad_p43s_firmware

Vulnerable

lenovo

thinkpad_p43s

lenovo

thinkpad_p50_firmware

Vulnerable

lenovo

thinkpad_p50

lenovo

thinkpad_p50s_firmware

Vulnerable

lenovo

thinkpad_p50s

lenovo

thinkpad_p51_firmware

Vulnerable

lenovo

thinkpad_p51

lenovo

thinkpad_p51s_firmware

Vulnerable

lenovo

thinkpad_p51s

lenovo

thinkpad_p52_firmware

Vulnerable

lenovo

thinkpad_p52

lenovo

thinkpad_p52s_firmware

Vulnerable

lenovo

thinkpad_p52s

lenovo

thinkpad_p53_firmware

Vulnerable

lenovo

thinkpad_p53

lenovo

thinkpad_p53s_firmware

Vulnerable

lenovo

thinkpad_p53s

lenovo

thinkpad_p70_firmware

Vulnerable

lenovo

thinkpad_p70

lenovo

thinkpad_p71_firmware

Vulnerable

lenovo

thinkpad_p71

lenovo

thinkpad_p72_firmware

Vulnerable

lenovo

thinkpad_p72

lenovo

thinkpad_p73_firmware

Vulnerable

lenovo

thinkpad_p73

lenovo

thinkpad_s5_2nd_gen_firmware

Vulnerable

Vulnerable

thinkpad_e560p_firmware

Vulnerable

lenovo

thinkpad_e560p

lenovo

thinkpad_t25_firmware

Vulnerable

lenovo

thinkpad_t25

lenovo

thinkpad_t460_firmware

Vulnerable

lenovo

thinkpad_t460

lenovo

thinkpad_t460p_firmware

Vulnerable

lenovo

thinkpad_t460p

lenovo

thinkpad_t460s_firmware

Vulnerable

lenovo

thinkpad_t460s

lenovo

thinkpad_t470_firmware

Vulnerable

lenovo

thinkpad_t470

lenovo

thinkpad_t470p_firmware

Vulnerable

lenovo

thinkpad_t470p

lenovo

thinkpad_t470s_firmware

Vulnerable

lenovo

thinkpad_t470s

lenovo

thinkpad_t480_firmware

Vulnerable

lenovo

thinkpad_t480

lenovo

thinkpad_t480s_firmware

Vulnerable

lenovo

thinkpad_t480s

lenovo

thinkpad_t490_firmware

Vulnerable

lenovo

thinkpad_t490

lenovo

thinkpad_t490s_firmware

Vulnerable

lenovo

thinkpad_t490s

lenovo

thinkpad_t560_firmware

Vulnerable

lenovo

thinkpad_t560

lenovo

thinkpad_t570_firmware

Vulnerable

lenovo

thinkpad_t570

lenovo

thinkpad_t580_firmware

Vulnerable

lenovo

thinkpad_t580

lenovo

thinkpad_t590_firmware

Vulnerable

lenovo

thinkpad_t590

lenovo

thinkpad_x1_carbon_firmware

Vulnerable

lenovo

thinkpad_x1_carbon

lenovo

thinkpad_x1_yoga_firmware

lenovo

thinkpad_x1_yoga

lenovo

thinkpad_x1_extreme_firmware

Vulnerable

lenovo

thinkpad_x1_extreme

lenovo

thinkpad_x1_tablet_firmware

Vulnerable

lenovo

thinkpad_x1_tablet

lenovo

thinkpad_x260_firmware

Vulnerable

lenovo

thinkpad_x260

lenovo

thinkpad_x270_firmware

Vulnerable

lenovo

thinkpad_x270

lenovo

thinkpad_x280_firmware

Vulnerable

lenovo

thinkpad_x280

lenovo

thinkpad_x380_yoga_firmware

Vulnerable

lenovo

thinkpad_x380_yoga

lenovo

thinkpad_x390_firmware

Vulnerable

lenovo

thinkpad_x390

lenovo

thinkpad_x390_yoga_firmware

Vulnerable

lenovo

thinkpad_x390_yoga

lenovo

thinkpad_x395_firmware

Vulnerable

lenovo

thinkpad_x395

lenovo

thinkpad_yoga_260_firmware

Vulnerable

Vulnerable

thinkpad_yoga_370_firmware

Vulnerable

lenovo

thinkpad_yoga_370

lenovo

thinkpad_s1_3rd_firmware

Vulnerable

lenovo

thinkpad_s1_3rd

lenovo

thinkpad_t495_firmware

Vulnerable

lenovo

thinkpad_t495

lenovo

thinkpad_t495s_firmware

Vulnerable

lenovo

thinkpad_t495s

References

https://support.lenovo.com/us/en/product_security/LEN-30042

Vendor Advisory

Weaknesses

[email protected]

Primary

CWE-269

[email protected]

Secondary

CWE-489

CVSS impact metrics

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 · Medium

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2020-06-09T20:15:22.117

4 years ago

Last modified

2020-06-17T15:14:07.177

4 years ago