Vulnerabilites related to lenovo - idataplex_dx360_m4_water_cooled_firmware
Vulnerability from fkie_nvd
Published
2020-10-14 22:15
Modified
2024-11-21 05:38
Summary
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:bladecenter_hs23_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "32261693-2F07-4356-BD05-E9A08AA38934",
                     versionEndExcluding: "tke170b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:bladecenter_hs23:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "94192605-6810-4405-B8CF-2474A7283FE4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:bladecenter_hs23e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2DF1BDF-A5B5-4CAD-91BF-292A74D9456C",
                     versionEndExcluding: "ahe172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:bladecenter_hs23e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C271D4E-D8C3-4266-8805-CC6289338322",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:compute_node-x440_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0AAD714-219E-4DD1-9EAA-20A480BA1AFB",
                     versionEndExcluding: "cge128a",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:compute_node-x440:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D97E593-A7D1-4E1E-BE9C-4A65718A0B83",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:flex_system_x220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA7B69B2-73C3-446E-8882-C97F604CF915",
                     versionEndExcluding: "kse170b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:flex_system_x220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8D84D5A-64BF-4F40-9166-96080D5EE375",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:flex_system_x240_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C548A10D-EEF3-48CD-9F40-3799C602B8AE",
                     versionEndExcluding: "b2e172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:flex_system_x240:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BBA2148-9A2A-4216-8A68-1289386DA71D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:flex_system_x440_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9709B66B-3D67-438C-A527-8B638819E6B8",
                     versionEndExcluding: "cne172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:flex_system_x440:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D5B7974-7069-4C39-8851-8E053D9B3920",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:nextscale_nx360_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "852D2502-9E2A-4044-8D47-B2CBF5BC78C2",
                     versionEndExcluding: "fhe132b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:nextscale_nx360_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DF04618-9824-40E6-B119-F398F32C2BE2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3300_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F16B176-B340-4767-A436-3E8ABE511E85",
                     versionEndExcluding: "yae166b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3300_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E88143F0-BC83-4B20-B88D-2D9427CF0B6C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3500_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA1BE3AD-A5DF-4092-A304-65EACA237F9B",
                     versionEndExcluding: "y5e170b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3500_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E63E60-086B-4617-92BF-9500A81DEE8B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3530_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F431F6EF-481A-4936-A6DB-16C24E716489",
                     versionEndExcluding: "bee174b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3530_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C54AE14C-8428-4C8B-8F81-8CCC4B031335",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3550_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00EF3CBB-6FEB-4A27-BDBD-0B767C3CDB08",
                     versionEndExcluding: "d7e174b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3550_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "027CED16-1A03-4336-876F-D22776D4927D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3630_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8C6FFAD-717E-4229-AFED-7009F101AA9B",
                     versionEndExcluding: "bee174b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3630_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F3E6BBF-5729-4AD1-AE0E-0F2627D6EE71",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3650_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "052A80E7-0C9B-4EE0-927B-C66DAFDA18FA",
                     versionEndExcluding: "vve172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3650_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9008487-EFB6-4714-AD8C-70DE47BDCD2A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3650_m4_bd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF2118D6-53FE-495F-B64A-D992B144B81F",
                     versionEndExcluding: "vve172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3650_m4_bd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "01E601E3-DEE5-4813-986B-B7C2A3A17BCA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3650_m4_hd_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "12E2D764-C716-4851-AC19-D9485D1ED4BE",
                     versionEndExcluding: "vve172b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3650_m4_hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B71BB90-629C-4CB7-9CAF-44C605313EF8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "923DEC4C-AECA-4BDF-9CC0-A6F8DCAD0530",
                     versionEndExcluding: "a5e130a",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:system_x3750_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "361AFEDD-D4FA-4B50-8629-BC800A0475B3",
                     versionEndExcluding: "koe170b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:system_x3750_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A554CB8-7FE1-454D-8E3D-AA3EC80EEB90",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:idataplex_dx360_m4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60A430BE-83BF-4F9D-9FBC-1A89F6C44714",
                     versionEndExcluding: "tde168b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:idataplex_dx360_m4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADDDC5A4-7149-4C2B-9835-AEA1F0EE61E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:idataplex_dx360_m4_water_cooled_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "988FC3E2-00E4-4CF9-B021-C07D9590C2D3",
                     versionEndExcluding: "tde168b",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:idataplex_dx360_m4_water_cooled:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "446539A5-99A6-49CA-B1A1-FD2A06BDE96A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.",
      },
      {
         lang: "es",
         value: "Una potencial vulnerabilidad en la devolución de llamada de la función SMI utilizada en los controladores USB del modo BIOS heredado en algunos servidores Lenovo e IBM System x heredados puede permitir una ejecución de código arbitraria. Los servidores que funcionan en modo UEFI no están afectados",
      },
   ],
   id: "CVE-2020-8332",
   lastModified: "2024-11-21T05:38:43.570",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.9,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.4,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.5,
            impactScore: 5.9,
            source: "psirt@lenovo.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.5,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-10-14T22:15:13.403",
   references: [
      {
         source: "psirt@lenovo.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-38625",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-38625",
      },
   ],
   sourceIdentifier: "psirt@lenovo.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-367",
            },
         ],
         source: "psirt@lenovo.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-367",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2020-8332
Vulnerability from cvelistv5
Published
2020-10-14 21:25
Modified
2024-08-04 09:56
Summary
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.
References
Impacted products
Vendor Product Version
Lenovo System x Version: various
IBM System x Version: various
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:56:28.331Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/LEN-38625",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "System x",
               vendor: "Lenovo",
               versions: [
                  {
                     status: "affected",
                     version: "various",
                  },
               ],
            },
            {
               product: "System x",
               vendor: "IBM",
               versions: [
                  {
                     status: "affected",
                     version: "various",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-367",
                     description: "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-10-14T21:25:19",
            orgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
            shortName: "lenovo",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://support.lenovo.com/us/en/product_security/LEN-38625",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-38625.",
            },
         ],
         source: {
            advisory: "LEN-38625",
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@lenovo.com",
               ID: "CVE-2020-8332",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "System x",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "=",
                                          version_value: "various",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Lenovo",
                     },
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "System x",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "=",
                                          version_value: "various",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "IBM",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://support.lenovo.com/us/en/product_security/LEN-38625",
                     refsource: "MISC",
                     url: "https://support.lenovo.com/us/en/product_security/LEN-38625",
                  },
               ],
            },
            solution: [
               {
                  lang: "en",
                  value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section in LEN-38625.",
               },
            ],
            source: {
               advisory: "LEN-38625",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
      assignerShortName: "lenovo",
      cveId: "CVE-2020-8332",
      datePublished: "2020-10-14T21:25:19",
      dateReserved: "2020-01-28T00:00:00",
      dateUpdated: "2024-08-04T09:56:28.331Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}