Lucene search
LenovoCVELIST:CVE-2020-8333HistorySep 24, 2020 - 9:05 p.m.
CVE-2020-8333
2020-09-2421:05:26
lenovo
www.cve.org
4
vulnerability
smi callback function
lenovo desktops
thinkstation
arbitrary code execution
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
12.6%
A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution
CNA Affected
[
{
"product": "BIOS",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
]Related
cve
cve
CVE-2020-8333
2020-09-24 21:15:15
nvd
nvd
CVE-2020-8333
2020-09-24 21:15:15
prion
prion
Code injection
2020-09-24 21:15:00
lenovo
lenovo
Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US
2020-06-04 20:26:21
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
12.6%
Related for CVELIST:CVE-2020-8333