Lucene search
HistoryJun 09, 2020 - 8:15 p.m.
CVE-2020-8320
cve-2020-8320
internal shell
bios
privilege escalation
thinkpad
nvd
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.8%
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
Affected configurations
Node
lenovothinkpad_11e_yoga_gen_6Match-
lenovothinkpad_11e_yoga_gen_6_firmwareRange<2020-07-10
Node
lenovothinkpad_11eMatch-
lenovothinkpad_11e_firmwareRange<2020-07-10
Node
lenovothinkpad_yoga_11e_3rd_genMatch-
lenovothinkpad_yoga_11e_3rd_gen_firmwareRange<2020-07-10
Node
lenovothinkpad_yoga_11e_4th_genMatch-
lenovothinkpad_yoga_11e_4th_gen_firmwareRange<2020-07-10
Node
lenovothinkpad_yoga_11e_5th_genMatch-
lenovothinkpad_yoga_11e_5th_gen_firmwareRange<2020-07-10
Node
lenovothinkpad_13_2nd_genMatch-
lenovothinkpad_13_2nd_gen_firmwareRange<2020-07-10
Node
lenovothinkpad_13Match-
lenovothinkpad_13_firmwareRange<2020-07-10
Node
lenovothinkpad_a275Match-
lenovothinkpad_a275_firmwareRange<2020-07-10
Node
lenovothinkpad_a285_firmwareRange<2020-07-10
lenovothinkpad_a285Match-
Node
lenovothinkpad_a475_firmwareRange<2020-07-10
lenovothinkpad_a475Match-
Node
lenovothinkpad_a485_firmwareRange<2020-07-10
lenovothinkpad_a485Match-
Node
lenovothinkpad_e14_firmwareRange<2020-07-10
lenovothinkpad_e14Match-
Node
lenovothinkpad_e15_firmwareRange<2020-07-10
lenovothinkpad_e15Match-
Node
lenovothinkpad_r14_firmwareRange<2020-07-10
lenovothinkpad_r14Match-
Node
lenovothinkpad_s3_gen_2_firmwareRange<2020-07-10
lenovothinkpad_s3_gen_2Match-
Node
lenovothinkpad_e455_firmwareRange<2020-07-10
lenovothinkpad_e455Match-
Node
lenovothinkpad_e555_firmwareRange<2020-07-10
lenovothinkpad_e555Match-
Node
lenovothinkpad_e460_firmwareRange<2020-07-10
lenovothinkpad_e460Match-
Node
lenovothinkpad_e560_firmwareRange<2020-07-10
lenovothinkpad_e560Match-
Node
lenovothinkpad_e465_firmwareRange<2020-07-10
lenovothinkpad_e465Match-
Node
lenovothinkpad_e565_firmwareRange<2020-07-10
lenovothinkpad_e565Match-
Node
lenovothinkpad_e470_firmwareRange<2020-07-10
lenovothinkpad_e470Match-
Node
lenovothinkpad_e570_firmwareRange<2020-07-10
lenovothinkpad_e570Match-
Node
lenovothinkpad_e475_firmwareRange<2020-07-10
lenovothinkpad_e475Match-
Node
lenovothinkpad_e575_firmwareRange<2020-07-10
lenovothinkpad_e575Match-
Node
lenovothinkpad_e480_firmwareRange<2020-07-10
lenovothinkpad_e480Match-
Node
lenovothinkpad_e580_firmwareRange<2020-07-10
lenovothinkpad_e580Match-
Node
lenovothinkpad_e485_firmwareRange<2020-07-10
lenovothinkpad_e485Match-
Node
lenovothinkpad_e585_firmwareRange<2020-07-10
lenovothinkpad_e585Match-
Node
lenovothinkpad_e490s_firmwareRange<2020-07-10
lenovothinkpad_e490sMatch-
Node
lenovothinkpad_s3_firmwareRange<2020-07-10
lenovothinkpad_s3Match-
Node
lenovothinkpad_e490_firmwareRange<2020-07-10
lenovothinkpad_e490Match-
Node
lenovothinkpad_e590_firmwareRange<2020-07-10
lenovothinkpad_e590Match-
Node
lenovothinkpad_r490_firmwareRange<2020-07-10
lenovothinkpad_r490Match-
Node
lenovothinkpad_r590_firmwareRange<2020-07-10
lenovothinkpad_r590Match-
Node
lenovothinkpad_l13_firmwareRange<2020-07-10
lenovothinkpad_l13Match-
Node
lenovothinkpad_l1415_firmwareRange<2020-07-10
lenovothinkpad_l1415Match-
Node
lenovothinkpad_l380_firmwareRange<2020-07-10
lenovothinkpad_l380Match-
Node
lenovothinkpad_s3_3rd_gen_firmwareRange<2020-07-10
lenovothinkpad_s3_3rd_genMatch-
Node
lenovothinkpad_l380_yoga_firmwareRange<2020-07-10
lenovothinkpad_l380_yogaMatch-
Node
lenovothinkpad_s2_yoga_3rd_gen_firmwareRange<2020-07-10
lenovothinkpad_s2_yoga_3rd_genMatch-
Node
lenovothinkpad_l390_yoga_firmwareRange<2020-07-10
lenovothinkpad_l390_yogaMatch-
Node
lenovothinkpad_s2_yoga_4th_gen_firmwareRange<2020-07-10
lenovothinkpad_s2_yoga_4th_genMatch-
Node
lenovothinkpad_l460_firmwareRange<2020-07-10
lenovothinkpad_l460Match-
Node
lenovothinkpad_l470_firmwareRange<2020-07-10
lenovothinkpad_l470Match-
Node
lenovothinkpad_l480_firmwareRange<2020-07-10
lenovothinkpad_l480Match-
Node
lenovothinkpad_l580_firmwareRange<2020-07-10
lenovothinkpad_l580Match-
Node
lenovothinkpad_l490_firmwareRange<2020-07-10
lenovothinkpad_l490Match-
Node
lenovothinkpad_l590_firmwareRange<2020-07-10
lenovothinkpad_l590Match-
Node
lenovothinkpad_l560_firmwareRange<2020-07-03
lenovothinkpad_l560Match-
Node
lenovothinkpad_l570_firmwareRange<2020-07-10
lenovothinkpad_l570Match-
Node
lenovothinkpad_p1_firmwareRange<n2eet46w
lenovothinkpad_p1Match-
Node
lenovothinkpad_p43s_firmwareRange<n2iet87w
lenovothinkpad_p43sMatch-
Node
lenovothinkpad_p50_firmwareRange<2020-07-17
lenovothinkpad_p50Match-
Node
lenovothinkpad_p50s_firmwareRange<2020-07-24
lenovothinkpad_p50sMatch-
Node
lenovothinkpad_p51_firmwareRange<2020-07-03
lenovothinkpad_p51Match-
Node
lenovothinkpad_p51sMatch-
lenovothinkpad_p51s_firmwareRange<2020-07-03
Node
lenovothinkpad_p52Match-
lenovothinkpad_p52_firmwareRange<n2cet51w
Node
lenovothinkpad_p52sMatch-
lenovothinkpad_p52s_firmwareRange<2020-07-03
Node
lenovothinkpad_p53Match-
lenovothinkpad_p53_firmwareRange<n2net37w
Node
lenovothinkpad_p53sMatch-
lenovothinkpad_p53s_firmwareRange<n2iet87w
Node
lenovothinkpad_p70Match-
lenovothinkpad_p70_firmwareRange<2020-07-17
Node
lenovothinkpad_p71Match-
lenovothinkpad_p71_firmwareRange≤2020-07-17
Node
lenovothinkpad_p72Match-
lenovothinkpad_p72_firmwareRange<n2cet51w
Node
lenovothinkpad_p73_firmwareRange<n2net37w
lenovothinkpad_p73Match-
Node
lenovothinkpad_s5_2nd_gen_firmwareRange<2020-07-10
lenovothinkpad_s5_2nd_genMatch-
Node
lenovothinkpad_s5_firmwareRange<2020-07-10
lenovothinkpad_s5Match-
Node
lenovothinkpad_e560p_firmwareRange<2020-07-10
lenovothinkpad_e560pMatch-
Node
lenovothinkpad_t25_firmwareRange<n1qet87w
lenovothinkpad_t25Match-
Node
lenovothinkpad_t460_firmwareRange<2020-07-10
lenovothinkpad_t460Match-
Node
lenovothinkpad_t460p_firmwareRange<2020-07-10
lenovothinkpad_t460pMatch-
Node
lenovothinkpad_t460s_firmwareRange<2020-06-19
lenovothinkpad_t460sMatch-
Node
lenovothinkpad_t470_firmwareRange<n1qet87w
lenovothinkpad_t470Match-
Node
lenovothinkpad_t470p_firmwareRange<2020-07-10
lenovothinkpad_t470pMatch-
Node
lenovothinkpad_t470s_firmwareRange<n1wet58w
lenovothinkpad_t470sMatch-
Node
lenovothinkpad_t480_firmwareRange<n24et56w
lenovothinkpad_t480Match-
Node
lenovothinkpad_t480s_firmwareRange<n22et62w
lenovothinkpad_t480sMatch-
Node
lenovothinkpad_t490_firmwareRange<n2iet87w
lenovothinkpad_t490Match-
Node
lenovothinkpad_t490s_firmwareRange<n2jet87w
lenovothinkpad_t490sMatch-
Node
lenovothinkpad_t560_firmwareRange<2020-07-24
lenovothinkpad_t560Match-
Node
lenovothinkpad_t570_firmwareRange<2020-07-03
lenovothinkpad_t570Match-
Node
lenovothinkpad_t580_firmwareRange<2020-07-03
lenovothinkpad_t580Match-
Node
lenovothinkpad_t590_firmwareRange<n2iet87w
lenovothinkpad_t590Match-
Node
lenovothinkpad_x1_carbon_firmwareRange<n1met60w
lenovothinkpad_x1_carbonMatch-
Node
lenovothinkpad_x1_yoga_firmwareRange<2020-07-17
lenovothinkpad_x1_yogaMatch-
Node
lenovothinkpad_x1_extreme_firmwareRange<n2oet43w
lenovothinkpad_x1_extremeMatch-
Node
lenovothinkpad_x1_tablet_firmwareRange<2020-07-24
lenovothinkpad_x1_tabletMatch-
Node
lenovothinkpad_x1_yoga_firmwareRange<2020-07-17
lenovothinkpad_x1_yogaMatch-
Node
lenovothinkpad_x260_firmwareRange<2020-07-10
lenovothinkpad_x260Match-
Node
lenovothinkpad_x270_firmwareRange<2020-07-10
lenovothinkpad_x270Match-
Node
lenovothinkpad_x280_firmwareRange<n20et52w
lenovothinkpad_x280Match-
Node
lenovothinkpad_x380_yoga_firmwareRange<2020-07-10
lenovothinkpad_x380_yogaMatch-
Node
lenovothinkpad_x390_firmwareRange<2020-07-07
lenovothinkpad_x390Match-
Node
lenovothinkpad_x390_yoga_firmwareRange<2020-06-24
lenovothinkpad_x390_yogaMatch-
Node
lenovothinkpad_x395_firmwareRange<2020-07-10
lenovothinkpad_x395Match-
Node
lenovothinkpad_yoga_260_firmwareRange<2020-07-07
lenovothinkpad_yoga_260Match-
Node
lenovothinkpad_s1_firmwareRange<2020-07-07
lenovothinkpad_s1Match-
Node
lenovothinkpad_yoga_370_firmwareRange<2020-07-10
lenovothinkpad_yoga_370Match-
Node
lenovothinkpad_s1_3rd_firmwareRange<2020-07-10
lenovothinkpad_s1_3rdMatch-
Node
lenovothinkpad_t495_firmwareRange<2020-07-10
lenovothinkpad_t495Match-
Node
lenovothinkpad_t495s_firmwareRange<2020-07-10
lenovothinkpad_t495sMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| lenovo:thinkpad_11e_yoga_gen_6_firmware | lenovo thinkpad 11e yoga gen 6 firmware | lt | 2020-07-10 |
CNA Affected
[
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]Related
nvd
nvd
CVE-2020-8320
2020-06-09 20:15:22
prion
prion
Privilege escalation
2020-06-09 20:15:00
cvelist
cvelist
CVE-2020-8320
2020-06-09 00:00:00
lenovo
lenovo
Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US
2020-06-04 20:26:21
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.8%
Related for CVE-2020-8320