Lucene search

[email protected]CVE-2020-8321

HistoryJun 09, 2020 - 8:15 p.m.

CVE-2020-8321

2020-06-0920:15:22

[email protected]

web.nvd.nist.gov

lenovo

notebook

thinkstation

vulnerability

smi callback

system lock preinstallation

cve-2020-8321

nvd

arbitrary code execution

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.

Affected configurations

NVD

Node

lenovo130-14ast_firmwareMatch-

AND

lenovo130-14astMatch-

Node

lenovo130-14ikb_firmwareMatch-

AND

lenovo130-14ikbMatch-

Node

lenovo130-15ast_firmwareMatch-

AND

lenovo130-15astMatch-

Node

lenovo130-15ikb_firmwareMatch-

AND

lenovo130-15ikbMatch-

Node

lenovo320c-15ikb_firmwareMatch-

AND

lenovo320c-15ikbMatch-

Node

lenovo330-14igm_firmwareMatch-

AND

lenovo330-14igmMatch-

Node

lenovo330-14ikb_firmwareMatch-

AND

lenovo330-14ikbMatch-

Node

lenovo330-14ikbr_firmwareMatch-

AND

lenovo330-14ikbrMatch-

Node

lenovo330-15arr_firmwareMatch-

AND

lenovo330-15arrMatch-

Node

lenovo330-15arr_touch_firmwareMatch-

AND

lenovo330-15arr_touchMatch-

Node

lenovo330-15ich_firmwareMatch-

AND

lenovo330-15ichMatch-

Node

lenovo330-15igm_firmwareMatch-

AND

lenovo330-15igmMatch-

Node

lenovo330-15ikb_firmwareMatch-

AND

lenovo330-15ikbMatch-

Node

lenovo330-15ikbr_firmwareMatch-

AND

lenovo330-15ikbrMatch-

Node

lenovo330-15ikbr_touch_firmwareMatch-

AND

lenovo330-15ikbr_touchMatch-

Node

lenovo330-17ich_firmwareMatch-

AND

lenovo330-17ichMatch-

Node

lenovo330-17ikb_firmwareMatch-

AND

lenovo330-17ikbMatch-

Node

lenovo330-17ikbr_firmwareMatch-

AND

lenovo330-17ikbrMatch-

Node

lenovo330c-14ikb_firmwareMatch-

AND

lenovo330c-14ikbMatch-

Node

lenovo330c-15ikb_firmwareMatch-

AND

lenovo330c-15ikbMatch-

Node

lenovo330c-15ikbr_firmwareMatch-

AND

lenovo330c-15ikbrMatch-

Node

lenovo340c-15igm_firmwareMatch-

AND

lenovo340c-15igmMatch-

Node

lenovo340c-15ikb_firmwareMatch-

AND

lenovo340c-15ikbMatch-

Node

lenovo340c-15iwl_firmwareMatch-

AND

lenovo340c-15iwlMatch-

Node

lenovo530s-14iwl_firmwareMatch-

AND

lenovo530s-14iwlMatch-

Node

lenovo530s-15iwl_firmwareMatch-

AND

lenovo530s-15iwlMatch-

Node

lenovo530s-14arr_firmwareMatch-

AND

lenovo530s-14arrMatch-

Node

lenovo530s-14ikb_firmwareMatch-

AND

lenovo530s-14ikbMatch-

Node

lenovo530s-15ikb_firmwareMatch-

AND

lenovo530s-15ikbMatch-

Node

lenovo720s-13arr_firmwareMatch-

AND

lenovo720s-13arrMatch-

Node

lenovo720s-14ikbr_firmwareMatch-

AND

lenovo720s-14ikbrMatch-

Node

lenovoc340-14api_firmwareMatch-

AND

lenovoc340-14apiMatch-

Node

lenovoc340-14iml_firmwareMatch-

AND

lenovoc340-14imlMatch-

Node

lenovoc340-14iwl_firmwareMatch-

AND

lenovoc340-14iwlMatch-

Node

lenovoc340-15iil_firmwareMatch-

AND

lenovoc340-15iilMatch-

Node

lenovoc340-15iml_firmwareMatch-

AND

lenovoc340-15imlMatch-

Node

lenovoc340-15iwl_firmwareMatch-

AND

lenovoc340-15iwlMatch-

Node

lenovod330-10igm_firmwareMatch-

AND

lenovod330-10igmMatch-

Node

lenovod335-10igm_firmwareMatch-

AND

lenovod335-10igmMatch-

Node

lenovoe4-14arr_firmwareMatch-

AND

lenovoe4-14arrMatch-

Node

lenovoflex_6-14arr_firmwareMatch-

AND

lenovoflex_6-14arrMatch-

Node

lenovoflex_6-14ikb_firmwareMatch-

AND

lenovoflex_6-14ikbMatch-

Node

lenovoflex-14iwl_firmwareMatch-

AND

lenovoflex-14iwlMatch-

Node

lenovoflex-15iwl_firmwareMatch-

AND

lenovoflex-15iwlMatch-

Node

lenovoideapad_3_14_firmwareMatch-

AND

lenovoideapad_3_14Match-

Node

lenovoideapad_3_15_firmwareMatch-

AND

lenovoideapad_3_15Match-

Node

lenovoideapad_3_17iml05_firmwareMatch-

AND

lenovoideapad_3_17iml05Match-

Node

lenovoideapad_3_15iil05_firmwareMatch-

AND

lenovoideapad_3_15iil05Match-

Node

lenovoideapad_3_14iil05_firmwareMatch-

AND

lenovoideapad_3_14iil05Match-

Node

lenovoideapad_5_15iil05_firmwareMatch-

AND

lenovoideapad_5_15iil05Match-

Node

lenovok43c-80_firmwareMatch-

AND

lenovok43c-80Match-

Node

lenovol3_15iml05_firmwareMatch-

AND

lenovol3_15iml05Match-

Node

lenovol340-15api_firmwareMatch-

AND

lenovol340-15apiMatch-

Node

lenovol340-15api_touch_firmwareMatch-

AND

lenovol340-15api_touchMatch-

Node

lenovol340-15irh_firmwareMatch-

AND

lenovol340-15irhMatch-

Node

lenovol340-15iwl_touch_firmwareMatch-

AND

lenovol340-15iwl_touchMatch-

Node

lenovol340-17api_firmwareMatch-

AND

lenovol340-17apiMatch-

Node

lenovol340-17irh_firmwareMatch-

AND

lenovol340-17irhMatch-

Node

lenovol340-17iwl_firmwareMatch-

AND

lenovol340-17iwlMatch-

Node

lenovolegion_y530-15ich_firmwareMatch-

AND

lenovolegion_y530-15ichMatch-

Node

lenovolegion_y530-15ich-1060_firmwareMatch-

AND

lenovolegion_y530-15ich-1060Match-

Node

lenovolegion_y540-15_pg0_firmwareMatch-

AND

lenovolegion_y540-15_pg0Match-

Node

lenovolegion_y540-15irh_firmwareMatch-

AND

lenovolegion_y540-15irhMatch-

Node

lenovolegion_y540-17_pg0_firmwareMatch-

AND

lenovolegion_y540-17_pg0Match-

Node

lenovolegion_y540-17irh_firmwareMatch-

AND

lenovolegion_y540-17irhMatch-

Node

lenovolegion_y545_firmwareMatch-

AND

lenovolegion_y545Match-

Node

lenovolegion_y545_pg0_firmwareMatch-

AND

lenovolegion_y545_pg0Match-

Node

lenovolegion_y7000_2019_firmwareMatch-

AND

lenovolegion_y7000_2019Match-

Node

lenovolegion_y7000_pg0_firmwareMatch-

AND

lenovolegion_y7000_pg0Match-

Node

lenovolegion_y7000p_2019_firmwareMatch-

AND

lenovolegion_y7000p_2019Match-

Node

lenovolegion_y7000p_pg0_firmwareMatch-

AND

lenovolegion_y7000p_pg0Match-

Node

lenovolegion_y7000p-1060_firmwareMatch-

AND

lenovolegion_y7000p-1060Match-

Node

lenovolegion_y730-15ich_firmwareMatch-

AND

lenovolegion_y730-15ichMatch-

Node

lenovolegion_y730-17ich_firmwareMatch-

AND

lenovolegion_y730-17ichMatch-

Node

lenovolegion_y740-15ichg_firmwareMatch-

AND

lenovolegion_y740-15ichgMatch-

Node

lenovolegion_y740-15irhg_firmwareMatch-

AND

lenovolegion_y740-15irhgMatch-

Node

lenovolegion_y740-17ichg_firmwareMatch-

AND

lenovolegion_y740-17ichgMatch-

Node

lenovolegion_y740-17irhg_firmwareMatch-

AND

lenovolegion_y740-17irhgMatch-

Node

lenovolegion_y9000k_2019_firmwareMatch-

AND

lenovolegion_y9000k_2019Match-

Node

lenovolegion_y9000p_2019_firmwareMatch-

AND

lenovolegion_y9000p_2019Match-

Node

lenovolenovo_e41-25_firmwareMatch-

AND

lenovolenovo_e41-25Match-

Node

lenovolenovo_v320-17ikb_firmwareMatch-

AND

lenovolenovo_v320-17ikbMatch-

Node

lenovolenovo_v720-14ikb_firmwareMatch-

AND

lenovolenovo_v720-14ikbMatch-

Node

lenovorescuer_y7000_firmwareMatch-

AND

lenovorescuer_y7000Match-

Node

lenovorescuer_y7000p_firmwareMatch-

AND

lenovorescuer_y7000pMatch-

Node

lenovorescuer_y7000p\(1060\)_firmwareMatch-

AND

lenovorescuer_y7000p\(1060\)Match-

Node

lenovorescuer_y7000\(1060\)_firmwareMatch-

AND

lenovorescuer_y7000\(1060\)Match-

Node

lenovos145-14_firmwareMatch-

AND

lenovos145-14Match-

Node

lenovos145-14igm_firmwareMatch-

AND

lenovos145-14igmMatch-

Node

lenovos145-14ikb_firmwareMatch-

AND

lenovos145-14ikbMatch-

Node

lenovos145-14iwl_firmwareMatch-

AND

lenovos145-14iwlMatch-

Node

lenovos145-15igm_firmwareMatch-

AND

lenovos145-15igmMatch-

Node

lenovos145-15ikb_firmwareMatch-

AND

lenovos145-15ikbMatch-

Node

lenovos145-15iwl_firmwareMatch-

AND

lenovos145-15iwlMatch-

Node

lenovos340-13iml_firmwareMatch-

AND

lenovos340-13imlMatch-

Node

lenovos340-14_firmwareMatch-

AND

lenovos340-14Match-

Node

lenovos340-14api_firmwareMatch-

AND

lenovos340-14apiMatch-

Node

lenovos340-14iil_firmwareMatch-

AND

lenovos340-14iilMatch-

Node

lenovos340-14iml_firmwareMatch-

AND

lenovos340-14imlMatch-

Node

lenovos340-14iwl_firmwareMatch-

AND

lenovos340-14iwlMatch-

Node

lenovos340-14iwl_touch_firmwareMatch-

AND

lenovos340-14iwl_touchMatch-

Node

lenovos340-15api_firmwareMatch-

AND

lenovos340-15apiMatch-

Node

lenovos340-15iml_firmwareMatch-

AND

lenovos340-15imlMatch-

Node

lenovos340-15iwl_firmwareMatch-

AND

lenovos340-15iwlMatch-

Node

lenovos340-15iwl_touch_firmwareMatch-

AND

lenovos340-15iwl_touchMatch-

Node

lenovos530-13iml_firmwareMatch-

AND

lenovos530-13imlMatch-

Node

lenovos530-13iwl_firmwareMatch-

AND

lenovos530-13iwlMatch-

Node

lenovos540-14api_firmwareMatch-

AND

lenovos540-14apiMatch-

Node

lenovos540-14iml_firmwareMatch-

AND

lenovos540-14imlMatch-

Node

lenovos540-14iwl_firmwareMatch-

AND

lenovos540-14iwlMatch-

Node

lenovos540-14iwl_touch_firmwareMatch-

AND

lenovos540-14iwl_touchMatch-

Node

lenovos540-15iml_firmwareMatch-

AND

lenovos540-15imlMatch-

Node

lenovos540-15iwl_firmwareMatch-

AND

lenovos540-15iwlMatch-

Node

lenovos540-15iwl_gtx_firmwareMatch-

AND

lenovos540-15iwl_gtxMatch-

Node

lenovos550-14iil_firmwareMatch-

AND

lenovos550-14iilMatch-

Node

lenovov130-14ast_firmwareMatch-

AND

lenovov130-14astMatch-

Node

lenovov130-14igm_firmwareMatch-

AND

lenovov130-14igmMatch-

Node

lenovov130-14ikb_firmwareMatch-

AND

lenovov130-14ikbMatch-

Node

lenovov130-15ast_firmwareMatch-

AND

lenovov130-15astMatch-

Node

lenovov145-14ast_firmwareMatch-

AND

lenovov145-14astMatch-

Node

lenovov145-15ast_firmwareMatch-

AND

lenovov145-15astMatch-

Node

lenovov320-14ikb_firmwareMatch-

AND

lenovov320-14ikbMatch-

Node

lenovov320-15ikb_firmwareMatch-

AND

lenovov320-15ikbMatch-

Node

lenovov320-17ikbr_firmwareMatch-

AND

lenovov320-17ikbrMatch-

Node

lenovov330-14arr_firmwareMatch-

AND

lenovov330-14arrMatch-

Node

lenovov330-14ast_firmwareMatch-

AND

lenovov330-14astMatch-

Node

lenovov330-14igm_firmwareMatch-

AND

lenovov330-14igmMatch-

Node

lenovov330-14igm_firmwareMatch-

AND

lenovov330-14igmMatch-

Node

lenovov330-14isk_firmwareMatch-

AND

lenovov330-14iskMatch-

Node

lenovov330-15ast_firmwareMatch-

AND

lenovov330-15astMatch-

Node

lenovowei5-14ikb_firmwareMatch-

AND

lenovowei5-14ikbMatch-

Node

lenovoxiaoxin_air_13iwl_firmwareMatch-

AND

lenovoxiaoxin_air_13iwlMatch-

Node

lenovoxiaoxin_air_14arr_firmwareMatch-

AND

lenovoxiaoxin_air_14arrMatch-

Node

lenovoxiaoxin_air_14ikbr_firmwareMatch-

AND

lenovoxiaoxin_air_14ikbrMatch-

Node

lenovoxiaoxin_air_14iwl_firmwareMatch-

AND

lenovoxiaoxin_air_14iwlMatch-

Node

lenovoxiaoxin_air_15ikbr_firmwareMatch-

AND

lenovoxiaoxin_air_15ikbrMatch-

Node

lenovoxiaoxin_air_15iwl_firmwareMatch-

AND

lenovoxiaoxin_air_15iwlMatch-

Node

lenovoxiaoxin_air-14iwl_2019_firmwareMatch-

AND

lenovoxiaoxin_air-14iwl_2019Match-

Node

lenovoxiaoxin_air-15iwl_2019_firmwareMatch-

AND

lenovoxiaoxin_air-15iwl_2019Match-

Node

lenovoxiaoxin-13iml_firmwareMatch-

AND

lenovoxiaoxin-13imlMatch-

Node

lenovoxiaoxin-14_2019iwl_firmwareMatch-

AND

lenovoxiaoxin-14_2019iwlMatch-

Node

lenovoxiaoxin-14igm_qc_2019_firmwareMatch-

AND

lenovoxiaoxin-14igm_qc_2019Match-

Node

lenovoxiaoxin-14iwl_qc_2019_firmwareMatch-

AND

lenovoxiaoxin-14iwl_qc_2019Match-

Node

lenovoxiaoxin-15_2019iwl_firmwareMatch-

AND

lenovoxiaoxin-15_2019iwlMatch-

Node

lenovoxx-14kb_qc_2019_firmwareMatch-

AND

lenovoxx-14kb_qc_2019Match-

Node

lenovoy7000_2019_1050_firmwareMatch-

AND

lenovoy7000_2019_1050Match-

Node

lenovoyoga_530-14arr_firmwareMatch-

AND

lenovoyoga_530-14arrMatch-

Node

lenovoyoga_720-12ikb_firmwareMatch-

AND

lenovoyoga_720-12ikbMatch-

Node

lenovoyoga_730-13ikb_firmwareMatch-

AND

lenovoyoga_730-13ikbMatch-

Node

lenovoyoga_730-13iwl_firmwareMatch-

AND

lenovoyoga_730-13iwlMatch-

Node

lenovoyoga_730-15ikb_firmwareMatch-

AND

lenovoyoga_730-15ikbMatch-

Node

lenovoyoga_730-15iwl_firmwareMatch-

AND

lenovoyoga_730-15iwlMatch-

Node

lenovoyoga_c740-14iml_firmwareMatch-

AND

lenovoyoga_c740-14imlMatch-

Node

lenovoyoga_c740-15iml_firmwareMatch-

AND

lenovoyoga_c740-15imlMatch-

Node

lenovoyoga_c930-13ikb_firmwareMatch-

AND

lenovoyoga_c930-13ikbMatch-

Node

lenovoyoga_c930_glass_firmwareMatch-

AND

lenovoyoga_c930_glassMatch-

Node

lenovoyoga_c940_firmwareMatch-

AND

lenovoyoga_c940Match-

Node

lenovoyoga_s740-14iil_firmwareMatch-

AND

lenovoyoga_s740-14iilMatch-

Node

lenovoyoga_530-14ikb_firmwareMatch-

AND

lenovoyoga_530-14ikbMatch-

Node

lenovoflex_6-1470_firmwareMatch-

AND

lenovoflex_6-1470Match-

Node

lenovozhaoyang_k42-80_firmwareMatch-

AND

lenovozhaoyang_k42-80Match-

Node

lenovoe43-80_kbl_firmwareMatch-

AND

lenovoe43-80_kblMatch-

Node

lenovothinkstation_p410_firmwareRange<s00kya7a

AND

lenovothinkstation_p410Match-

Node

lenovothinkstation_p500_firmwareRange<a4kt67a

AND

lenovothinkstation_p500Match-

Node

lenovothinkstation_p510_firmwareRange<s00kya7a

AND

lenovothinkstation_p510Match-

Node

lenovothinkstation_p520_firmwareRange<2020-09-01

AND

lenovothinkstation_p520Match-

Node

lenovothinkstation_p520c_firmwareRange<2020-09-01

AND

lenovothinkstation_p520cMatch-

Node

lenovothinkstation_p700_firmwareRange<a5kta7a

AND

lenovothinkstation_p700Match-

Node

lenovothinkstation_p710_firmwareRange<s01kt67a

AND

lenovothinkstation_p710Match-

Node

lenovothinkstation_p720_firmwareRange<2020-09-01

AND

lenovothinkstation_p720Match-

Node

lenovothinkstation_p900_firmwareRange<a6kta7a

AND

lenovothinkstation_p900Match-

Node

lenovothinkstation_p910_firmwareRange<s02kt67a

AND

lenovothinkstation_p910Match-

Node

lenovothinkstation_p920_firmwareRange<2020-09-01

AND

lenovothinkstation_p920Match-

CPENameOperatorVersion
lenovo:130-14ast_firmwarelenovo 130-14ast firmwareeq-

CPE	Name	Operator	Version
lenovo:130-14ast_firmware	lenovo 130-14ast firmware	eq	-

CNA Affected

[
  {
    "product": "BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-30042

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2020-8321

prion1 cvelist1 nvd1 lenovo1