Lucene search

[email protected]CVE-2020-8323

HistoryJun 09, 2020 - 8:15 p.m.

CVE-2020-8323

2020-06-0920:15:22

[email protected]

web.nvd.nist.gov

cve-2020-8323

vulnerability

smi callback function

legacy sd driver

lenovo

thinkpad

thinkstation

notebook

arbitrary code execution

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.

Affected configurations

NVD

Node

lenovo330-14ast_firmwareMatch-

AND

lenovo330-14astMatch-

Node

lenovo330-15ast_firmwareMatch-

AND

lenovo330-15astMatch-

Node

lenovo330-17ast_firmwareMatch-

AND

lenovo330-17astMatch-

Node

lenovo340c-15api_firmwareMatch-

AND

lenovo340c-15apiMatch-

Node

lenovo340c-15ast_firmwareMatch-

AND

lenovo340c-15astMatch-

Node

lenovo720s_touch-15ikb_firmwareMatch-

AND

lenovo720s_touch-15ikbMatch-

Node

lenovo720s-15ikb_firmwareMatch-

AND

lenovo720s-15ikbMatch-

Node

lenovo730s-13iwl_firmwareMatch-

AND

lenovo730s-13iwlMatch-

Node

lenovoc640-iml_firmwareMatch-

AND

lenovoc640-imlMatch-

Node

lenovoe42-80_firmwareMatch-

AND

lenovoe42-80Match-

Node

lenovoe52-80_firmwareMatch-

AND

lenovoe52-80Match-

Node

lenovok22-80_firmwareMatch-

AND

lenovok22-80Match-

Node

lenovov720-12_firmwareMatch-

AND

lenovov720-12Match-

Node

lenovok32-80_kbl_firmwareMatch-

AND

lenovok32-80_kblMatch-

Node

lenovok32-80_skl_firmwareMatch-

AND

lenovok32-80_sklMatch-

Node

lenovomiix_720-12ikb_firmwareMatch-

AND

lenovomiix_720-12ikbMatch-

Node

lenovos145-14api_firmwareMatch-

AND

lenovos145-14apiMatch-

Node

lenovos145-14ast_firmwareMatch-

AND

lenovos145-14astMatch-

Node

lenovos145-15api_firmwareMatch-

AND

lenovos145-15apiMatch-

Node

lenovos145-15ast_firmwareMatch-

AND

lenovos145-15astMatch-

Node

lenovos540-13api_firmwareMatch-

AND

lenovos540-13apiMatch-

Node

lenovos750-iil_firmwareMatch-

AND

lenovos750-iilMatch-

Node

lenovos940-14iwl_firmwareMatch-

AND

lenovos940-14iwlMatch-

Node

lenovothinkbook_13s-iwl_firmwareMatch-

AND

lenovothinkbook_13s-iwlMatch-

Node

lenovothinkbook_14s-iwl_firmwareMatch-

AND

lenovothinkbook_14s-iwlMatch-

Node

lenovov110-14ast_firmwareMatch-

AND

lenovov110-14astMatch-

Node

lenovov110-14ikb_firmwareMatch-

AND

lenovov110-14ikbMatch-

Node

lenovov110-15ast_firmwareMatch-

AND

lenovov110-15astMatch-

Node

lenovov130-15igm_firmwareMatch-

AND

lenovov130-15igmMatch-

Node

lenovov130-15ikb_firmwareMatch-

AND

lenovov130-15ikbMatch-

Node

lenovov310-15igm_firmwareMatch-

AND

lenovov310-15igmMatch-

Node

lenovov330-15igm_firmwareMatch-

AND

lenovov330-15igmMatch-

Node

lenovov330-15ikb_firmwareMatch-

AND

lenovov330-15ikbMatch-

Node

lenovov330-15isk_firmwareMatch-

AND

lenovov330-15iskMatch-

Node

lenovov340-iil_firmwareMatch-

AND

lenovov340-iilMatch-

Node

lenovov340-iml_firmwareMatch-

AND

lenovov340-imlMatch-

Node

lenovov540s-13_firmwareMatch-

AND

lenovov540s-13Match-

Node

lenovo14iwl_firmwareMatch-

AND

lenovo14iwlMatch-

Node

lenovov730-13ikb_firmwareMatch-

AND

lenovov730-13ikbMatch-

Node

lenovov730-13isk_firmwareMatch-

AND

lenovov730-13iskMatch-

Node

lenovov730-15ikb_firmwareMatch-

AND

lenovov730-15ikbMatch-

Node

lenovowei5-15ikb_firmwareMatch-

AND

lenovowei5-15ikbMatch-

Node

lenovoxiaoxin_14-ast_qc_2019_firmwareMatch-

AND

lenovoxiaoxin_14-ast_qc_2019Match-

Node

lenovoxx-14api_qc_2019_firmwareMatch-

AND

lenovoxx-14api_qc_2019Match-

Node

lenovoyoga_s730-13iwl_firmwareMatch-

AND

lenovoyoga_s730-13iwlMatch-

Node

lenovoyoga_s940-14iwl_firmwareMatch-

AND

lenovoyoga_s940-14iwlMatch-

Node

lenovo6_pro-13-iwl_firmwareMatch-

AND

lenovo6_pro-13-iwlMatch-

Node

lenovo6_pro-14-iwl_firmwareMatch-

AND

lenovo6_pro-14-iwlMatch-

Node

lenovoe53-80_firmwareMatch-

AND

lenovoe53-80Match-

Node

lenovok3_firmwareMatch-

AND

lenovok3Match-

Node

lenovok4-iwl_firmwareMatch-

AND

lenovok4-iwlMatch-

Node

lenovothinkpad_11e_yoga_gen_6_firmwareRange<2020-07-10

AND

lenovothinkpad_11e_yoga_gen_6Match-

Node

lenovothinkpad_11e_firmwareRange<2020-07-10

AND

lenovothinkpad_11eMatch-

Node

lenovothinkpad_yoga_11e_3rd_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_yoga_11e_3rd_genMatch-

Node

lenovothinkpad_yoga_11e_4th_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_yoga_11e_4th_genMatch-

Node

lenovothinkpad_yoga_11e_5th_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_yoga_11e_5th_genMatch-

Node

lenovothinkpad_13_2nd_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_13_2nd_genMatch-

Node

lenovothinkpad_13_firmwareRange<2020-07-10

AND

lenovothinkpad_13Match-

Node

lenovothinkpad_a275Match-

AND

lenovothinkpad_a275_firmwareRange<2020-07-10

Node

lenovothinkpad_a285Match-

AND

lenovothinkpad_a285_firmwareRange<2020-07-10

Node

lenovothinkpad_a475Match-

AND

lenovothinkpad_a475_firmwareRange<2020-07-10

Node

lenovothinkpad_a485Match-

AND

lenovothinkpad_a485_firmwareRange<2020-07-10

Node

lenovothinkpad_e14Match-

AND

lenovothinkpad_e14_firmwareRange<2020-07-10

Node

lenovothinkpad_e15Match-

AND

lenovothinkpad_e15_firmwareRange<2020-07-10

Node

lenovothinkpad_r14Match-

AND

lenovothinkpad_r14_firmwareRange<2020-07-10

Node

lenovothinkpad_s3_gen_2Match-

AND

lenovothinkpad_s3_gen_2_firmwareRange<2020-07-10

Node

lenovothinkpad_e455_firmwareRange<2020-07-10

AND

lenovothinkpad_e455Match-

Node

lenovothinkpad_e555_firmwareRange<2020-07-10

AND

lenovothinkpad_e555Match-

Node

lenovothinkpad_e460_firmwareRange<2020-07-10

AND

lenovothinkpad_e460Match-

Node

lenovothinkpad_e560_firmwareRange<2020-07-10

AND

lenovothinkpad_e560Match-

Node

lenovothinkpad_e465_firmwareRange<2020-07-10

AND

lenovothinkpad_e465Match-

Node

lenovothinkpad_e565_firmwareRange<2020-07-10

AND

lenovothinkpad_e565Match-

Node

lenovothinkpad_e470_firmwareRange<2020-07-10

AND

lenovothinkpad_e470Match-

Node

lenovothinkpad_e570_firmwareRange<2020-07-10

AND

lenovothinkpad_e570Match-

Node

lenovothinkpad_e475_firmwareRange<2020-07-10

AND

lenovothinkpad_e475Match-

Node

lenovothinkpad_e575_firmwareRange<2020-07-10

AND

lenovothinkpad_e575Match-

Node

lenovothinkpad_e480_firmwareRange<2020-07-10

AND

lenovothinkpad_e480Match-

Node

lenovothinkpad_e580_firmwareRange<2020-07-10

AND

lenovothinkpad_e580Match-

Node

lenovothinkpad_e485_firmwareRange<2020-07-10

AND

lenovothinkpad_e485Match-

Node

lenovothinkpad_e585_firmwareRange<2020-07-10

AND

lenovothinkpad_e585Match-

Node

lenovothinkpad_e490s_firmwareRange<2020-07-10

AND

lenovothinkpad_e490sMatch-

Node

lenovothinkpad_s3_firmwareRange<2020-07-10

AND

lenovothinkpad_s3Match-

Node

lenovothinkpad_e490_firmwareRange<2020-07-10

AND

lenovothinkpad_e490Match-

Node

lenovothinkpad_e590_firmwareRange<2020-07-10

AND

lenovothinkpad_e590Match-

Node

lenovothinkpad_r490_firmwareRange<2020-07-10

AND

lenovothinkpad_r490Match-

Node

lenovothinkpad_r590_firmwareRange<2020-07-10

AND

lenovothinkpad_r590Match-

Node

lenovothinkpad_l13_firmwareRange<2020-07-10

AND

lenovothinkpad_l13Match-

Node

lenovothinkpad_l1415_firmwareRange<2020-07-10

AND

lenovothinkpad_l1415Match-

Node

lenovothinkpad_l380_firmwareRange<2020-07-10

AND

lenovothinkpad_l380Match-

Node

lenovothinkpad_s3_3rd_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_s3_3rd_genMatch-

Node

lenovothinkpad_l380_yoga_firmwareRange<2020-07-10

AND

lenovothinkpad_l380_yogaMatch-

Node

lenovothinkpad_s2_yoga_3rd_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_s2_yoga_3rd_genMatch-

Node

lenovothinkpad_l390_yoga_firmwareRange<2020-07-10

AND

lenovothinkpad_l390_yogaMatch-

Node

lenovothinkpad_s2_yoga_4th_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_s2_yoga_4th_genMatch-

Node

lenovothinkpad_l460_firmwareRange<2020-07-10

AND

lenovothinkpad_l460Match-

Node

lenovothinkpad_l470_firmwareRange<2020-07-10

AND

lenovothinkpad_l470Match-

Node

lenovothinkpad_l480_firmwareRange<2020-07-10

AND

lenovothinkpad_l480Match-

Node

lenovothinkpad_l580_firmwareRange<2020-07-10

AND

lenovothinkpad_l580Match-

Node

lenovothinkpad_l490_firmwareRange<2020-07-10

AND

lenovothinkpad_l490Match-

Node

lenovothinkpad_l590_firmwareRange<2020-07-10

AND

lenovothinkpad_l590Match-

Node

lenovothinkpad_l560_firmwareRange<2020-07-03

AND

lenovothinkpad_l560Match-

Node

lenovothinkpad_l570_firmwareRange<2020-07-10

AND

lenovothinkpad_l570Match-

Node

lenovothinkpad_p1_firmwareRange<n2eet46w

AND

lenovothinkpad_p1Match-

Node

lenovothinkpad_p43s_firmwareRange<n2iet87w

AND

lenovothinkpad_p43sMatch-

Node

lenovothinkpad_p50_firmwareRange<2020-07-17

AND

lenovothinkpad_p50Match-

Node

lenovothinkpad_p50s_firmwareRange<2020-07-24

AND

lenovothinkpad_p50sMatch-

Node

lenovothinkpad_p51_firmwareRange<2020-07-03

AND

lenovothinkpad_p51Match-

Node

lenovothinkpad_p51s_firmwareRange<2020-07-03

AND

lenovothinkpad_p51sMatch-

Node

lenovothinkpad_p52_firmwareRange<n2cet51w

AND

lenovothinkpad_p52Match-

Node

lenovothinkpad_p52s_firmwareRange<2020-07-03

AND

lenovothinkpad_p52sMatch-

Node

lenovothinkpad_p53_firmwareRange<n2net37w

AND

lenovothinkpad_p53Match-

Node

lenovothinkpad_p53s_firmwareRange<n2iet87w

AND

lenovothinkpad_p53sMatch-

Node

lenovothinkpad_p70_firmwareRange<2020-07-17

AND

lenovothinkpad_p70Match-

Node

lenovothinkpad_p71_firmwareRange≤2020-07-17

AND

lenovothinkpad_p71Match-

Node

lenovothinkpad_p72_firmwareRange<n2cet51w

AND

lenovothinkpad_p72Match-

Node

lenovothinkpad_p73_firmwareRange<n2net37w

AND

lenovothinkpad_p73Match-

Node

lenovothinkpad_s5_2nd_gen_firmwareRange<2020-07-10

AND

lenovothinkpad_s5_2nd_genMatch-

Node

lenovothinkpad_s5_firmwareRange<2020-07-10

AND

lenovothinkpad_s5Match-

Node

lenovothinkpad_e560p_firmwareRange<2020-07-10

AND

lenovothinkpad_e560pMatch-

Node

lenovothinkpad_t25_firmwareRange<n1qet87w

AND

lenovothinkpad_t25Match-

Node

lenovothinkpad_t460_firmwareRange<2020-07-10

AND

lenovothinkpad_t460Match-

Node

lenovothinkpad_t460p_firmwareRange<2020-07-10

AND

lenovothinkpad_t460pMatch-

Node

lenovothinkpad_t460s_firmwareRange<2020-06-19

AND

lenovothinkpad_t460sMatch-

Node

lenovothinkpad_t470_firmwareRange<n1qet87w

AND

lenovothinkpad_t470Match-

Node

lenovothinkpad_t470p_firmwareRange<2020-07-10

AND

lenovothinkpad_t470pMatch-

Node

lenovothinkpad_t470s_firmwareRange<n1wet58w

AND

lenovothinkpad_t470sMatch-

Node

lenovothinkpad_t480_firmwareRange<n24et56w

AND

lenovothinkpad_t480Match-

Node

lenovothinkpad_t480s_firmwareRange<n22et62w

AND

lenovothinkpad_t480sMatch-

Node

lenovothinkpad_t490_firmwareRange<n2iet87w

AND

lenovothinkpad_t490Match-

Node

lenovothinkpad_t490s_firmwareRange<n2jet87w

AND

lenovothinkpad_t490sMatch-

Node

lenovothinkpad_t560_firmwareRange<2020-07-24

AND

lenovothinkpad_t560Match-

Node

lenovothinkpad_t570_firmwareRange<2020-07-03

AND

lenovothinkpad_t570Match-

Node

lenovothinkpad_t580_firmwareRange<2020-07-03

AND

lenovothinkpad_t580Match-

Node

lenovothinkpad_t590_firmwareRange<n2iet87w

AND

lenovothinkpad_t590Match-

Node

lenovothinkpad_x1_carbon_firmwareRange<n1met60w

AND

lenovothinkpad_x1_carbonMatch-

Node

lenovothinkpad_x1_yoga_firmwareRange<2020-07-17

AND

lenovothinkpad_x1_yogaMatch-

Node

lenovothinkpad_x1_extreme_firmwareRange<n2oet43w

AND

lenovothinkpad_x1_extremeMatch-

Node

lenovothinkpad_x1_tablet_firmwareRange<2020-07-24

AND

lenovothinkpad_x1_tabletMatch-

Node

lenovothinkpad_x1_yoga_firmwareRange<2020-07-17

AND

lenovothinkpad_x1_yogaMatch-

Node

lenovothinkpad_x260_firmwareRange<2020-07-10

AND

lenovothinkpad_x260Match-

Node

lenovothinkpad_x270_firmwareRange<2020-07-10

AND

lenovothinkpad_x270Match-

Node

lenovothinkpad_x280_firmwareRange<n20et52w

AND

lenovothinkpad_x280Match-

Node

lenovothinkpad_x380_yoga_firmwareRange<2020-07-10

AND

lenovothinkpad_x380_yogaMatch-

Node

lenovothinkpad_x390_firmwareRange<2020-07-07

AND

lenovothinkpad_x390Match-

Node

lenovothinkpad_x390_yoga_firmwareRange<2020-06-24

AND

lenovothinkpad_x390_yogaMatch-

Node

lenovothinkpad_x395_firmwareRange<2020-07-10

AND

lenovothinkpad_x395Match-

Node

lenovothinkpad_yoga_260_firmwareRange<2020-07-07

AND

lenovothinkpad_yoga_260Match-

Node

lenovothinkpad_s1_firmwareRange<2020-07-07

AND

lenovothinkpad_s1Match-

Node

lenovothinkpad_yoga_370_firmwareRange<2020-07-10

AND

lenovothinkpad_yoga_370Match-

Node

lenovothinkpad_s1_3rd_firmwareRange<2020-07-10

AND

lenovothinkpad_s1_3rdMatch-

Node

lenovothinkpad_t495_firmwareRange<2020-07-10

AND

lenovothinkpad_t495Match-

Node

lenovothinkpad_t495s_firmwareRange<2020-07-10

AND

lenovothinkpad_t495sMatch-

Node

lenovothinkpad_helix_firmwareRange<n17etb2w

AND

lenovothinkpad_helixMatch-

Node

lenovothinkpad_s1_yoga_firmwareRange<gqet63ww

AND

lenovothinkpad_s1_yogaMatch-

Node

lenovothinkpad_s1_yoga_vpro_firmwareRange<b0et47ww

AND

lenovothinkpad_s1_yoga_vproMatch-

Node

lenovothinkpad_s5_yoga_15_firmwareRange<n19et64w

AND

lenovothinkpad_s5_yoga_15Match-

Node

lenovothinkpad_s540_firmwareRange<gpet81ww

AND

lenovothinkpad_s540Match-

Node

lenovothinkpad_t440_firmwareRange<gjeta4ww

AND

lenovothinkpad_t440Match-

Node

lenovothinkpad_t440s_firmwareRange<gjeta4ww

AND

lenovothinkpad_t440sMatch-

Node

lenovothinkpad_t440p_firmwareRange<gleta1ww

AND

lenovothinkpad_t440pMatch-

Node

lenovothinkpad_t540_firmwareRange<gmet90ww

AND

lenovothinkpad_t540Match-

Node

lenovothinkpad_t540p_firmwareRange<gmet90ww

AND

lenovothinkpad_t540pMatch-

Node

lenovothinkpad_t550_firmwareRange<n11et52w

AND

lenovothinkpad_t550Match-

Node

lenovothinkpad_w540_firmwareRange<gnet93ww

AND

lenovothinkpad_w540Match-

Node

lenovothinkpad_w541_firmwareRange<gnet93ww

AND

lenovothinkpad_w541Match-

Node

lenovothinkpad_w550s_firmwareRange<n11et52w

AND

lenovothinkpad_w550sMatch-

Node

lenovothinkpad_x1_carbon_\(20ax\)_firmwareRange<gret63ww

AND

lenovothinkpad_x1_carbon_\(20ax\)Match-

Node

lenovothinkpad_x1_carbon_\(20bx\)_firmwareRange<n14et54w

AND

lenovothinkpad_x1_carbon_\(20bx\)Match-

Node

lenovothinkpad_x140e_firmwareRange<gset74ww

AND

lenovothinkpad_x140eMatch-

Node

lenovothinkpad_x240_firmwareRange<giet99ww

AND

lenovothinkpad_x240Match-

Node

lenovothinkpad_x240s_firmwareRange<giet99ww

AND

lenovothinkpad_x240sMatch-

Node

lenovothinkpad_x250_firmwareRange<n10et61w

AND

lenovothinkpad_x250Match-

Node

lenovothinkpad_yoga_11e_\(20dx\)_firmwareRange<n15et79w

AND

lenovothinkpad_yoga_11e_\(20dx\)Match-

CPENameOperatorVersion
lenovo:330-14ast_firmwarelenovo 330-14ast firmwareeq-

CPE	Name	Operator	Version
lenovo:330-14ast_firmware	lenovo 330-14ast firmware	eq	-

CNA Affected

[
  {
    "product": "BIOS",
    "vendor": "Lenovo",
    "versions": [
      {
        "status": "affected",
        "version": "various"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-30042

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2020-8323

nvd1 prion1 cvelist1 lenovo1