Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-8336
HistoryJun 09, 2020 - 8:15 p.m.

CVE-2020-8336

2020-06-0920:15:22
[email protected]
web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.8%

JSON

Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.

Affected configurations

NVD
Node
lenovothinkpad_e14_firmwareRange<2020-07-10
AND
lenovothinkpad_e14Match-
Node
lenovothinkpad_e15_firmwareRange<2020-07-10
AND
lenovothinkpad_e15Match-
Node
lenovothinkpad_r14_firmwareRange<2020-07-10
AND
lenovothinkpad_r14Match-
Node
lenovothinkpad_s3_gen_2_firmwareRange<2020-07-10
AND
lenovothinkpad_s3_gen_2Match-
Node
lenovothinkpad_e490s_firmwareRange<2020-07-10
AND
lenovothinkpad_e490sMatch-
Node
lenovothinkpad_s3_firmwareRange<2020-07-10
AND
lenovothinkpad_s3Match-
Node
lenovothinkpad_e490_firmwareRange<2020-07-10
AND
lenovothinkpad_e490Match-
Node
lenovothinkpad_e590_firmwareRange<2020-07-10
AND
lenovothinkpad_e590Match-
Node
lenovothinkpad_r490_firmwareRange<2020-07-10
AND
lenovothinkpad_r490Match-
Node
lenovothinkpad_r590_firmwareRange<2020-07-10
AND
lenovothinkpad_r590Match-
Node
lenovothinkpad_l13_1st_gen_firmwareRange<2020-07-10
AND
lenovothinkpad_l13_1st_genMatch-
Node
lenovothinkpad_l1415_gen_1_firmwareRange<2020-07-10
AND
lenovothinkpad_l1415_gen_1Match-
Node
lenovothinkpad_l390_yoga_firmwareRange<2020-07-10
AND
lenovothinkpad_l390_yogaMatch-
Node
lenovothinkpad_s2_yoga_4th_gen_firmwareRange<2020-07-10
AND
lenovothinkpad_s2_yoga_4th_genMatch-
Node
lenovothinkpad_l490_firmwareRange<2020-07-10
AND
lenovothinkpad_l490Match-
Node
lenovothinkpad_l590_firmwareRange<2020-07-10
AND
lenovothinkpad_l590Match-
Node
lenovothinkpad_p1_\(20mx\)_firmwareRange<n2eet47w
AND
lenovothinkpad_p1_\(20mx\)Match-
Node
lenovothinkpad_p1_\(20qx\)_firmwareRange<n2oet44w
AND
lenovothinkpad_p1_\(20qx\)Match-
Node
lenovothinkpad_p43s_\(20rx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_p43s_\(20rx\)Match-
Node
lenovothinkpad_p52_\(20mx\)_firmwareRange<n2cet51w-1.34
AND
lenovothinkpad_p52_\(20mx\)Match-
Node
lenovothinkpad_p53_\(20qx\)_firmwareRange<n2net37w
AND
lenovothinkpad_p53_\(20qx\)Match-
Node
lenovothinkpad_p53s_\(20nx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_p53s_\(20nx\)Match-
Node
lenovothinkpad_p72_\(20mx\)_firmwareRange<n2cet51w
AND
lenovothinkpad_p72_\(20mx\)Match-
Node
lenovothinkpad_p73_\(20qx\)_firmwareRange<n2net37w
AND
lenovothinkpad_p73_\(20qx\)Match-
Node
lenovothinkpad_t490_\(20nx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_t490_\(20nx\)Match-
Node
lenovothinkpad_t490_\(20qx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_t490_\(20qx\)Match-
Node
lenovothinkpad_t490_\(20rx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_t490_\(20rx\)Match-
Node
lenovothinkpad_t490s_\(20nx\)_firmwareRange<n2jet87w
AND
lenovothinkpad_t490s_\(20nx\)Match-
Node
lenovothinkpad_t590_\(20nx\)_firmwareRange<n2iet88w
AND
lenovothinkpad_t590_\(20nx\)Match-
Node
lenovothinkpad_x1_carbon_\(20qx\)_firmwareRange<n2het47w
AND
lenovothinkpad_x1_carbon_\(20qx\)Match-
Node
lenovothinkpad_x1_carbon_\(20rx\)_firmwareRange<n2het47w
AND
lenovothinkpad_x1_carbon_\(20rx\)Match-
Node
lenovothinkpad_x1_extreme_\(20mx\)_firmwareRange<n2eet47w
AND
lenovothinkpad_x1_extreme_\(20mx\)Match-
Node
lenovothinkpad_x1_extreme_\(20qx\)Match-
AND
lenovothinkpad_x1_extreme_\(20qx\)_firmwareRange<n2oet44w
Node
lenovothinkpad_x1_yoga_\(20qx\)Match-
AND
lenovothinkpad_x1_yoga_\(20qx\)_firmwareRange<n2het47w
Node
lenovothinkpad_x1_yoga_\(20sx\)Match-
AND
lenovothinkpad_x1_yoga_\(20sx\)_firmwareRange<n2het47w
Node
lenovothinkpad_x390_\(20qx\)Match-
AND
lenovothinkpad_x390_\(20qx\)_firmwareRange<n2jet87w
Node
lenovothinkpad_x390_\(20sx\)Match-
AND
lenovothinkpad_x390_\(20sx\)_firmwareRange<n2set18w
Node
lenovothinkpad_x390_yogaMatch-
AND
lenovothinkpad_x390_yoga_firmwareRange<n2let74w

Related

cve 1
cvelist 1
prion 1
lenovo 1
cve
cve
CVE-2020-8336
2020-06-09 20:15:22
cvelist
cvelist
CVE-2020-8336
2020-06-09 00:00:00
prion
prion
Format string
2020-06-09 20:15:00
lenovo
lenovo
Multi-vendor BIOS Security Vulnerabilities (June 2020) - Lenovo Support US
2020-06-04 20:26:21

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

30.8%

JSON
Related for NVD:CVE-2020-8336
cve1cvelist1prion1lenovo1