Lenovo Security Advisory: LEN-30707
Potential Impact: Privilege escalation
Severity: Medium
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2020-8337
Summary Description:
An unquoted search path vulnerability was reported in Synaptics Audio Driver that could allow an administrative user to execute arbitrary code.
Mitigation Strategy for Customers (what you should do to protect yourself):
Synaptics recommends updating to the Synaptics Audio Driver version indicated for your model in the Product Impact section below.
Product Impact:
To download the version specified for your product below, follow these steps:
Alternatively and if applicable for your product, you may use Lenovo Vantage or Windows Update to update to the latest available version. To confirm you are using the minimum fix version (or higher), go to Add/Remove Programs and check the version listed there.