System Management Mode (SMM) BIOS Vulnerability in some legacy System x servers - Lenovo Support NL

**Lenovo Security Advisory:**LEN-38625

**Potential Impact:**Privilege escalation

**Severity:**Medium

**Scope of Impact:**Lenovo-specific

**CVE Identifier:**CVE-2020-8332

Summary Description:

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.

Mitigation Strategy for Customers (what you should do to protect yourself):

Update system firmware to the version (or newer) indicated for your model in the Product Impact section.