Search criteria
3 vulnerabilities found for smart_audio_uwp by synaptics
FKIE_CVE-2020-8337
Vulnerability from fkie_nvd - Published: 2020-06-09 20:15 - Updated: 2024-11-21 05:38
Severity ?
Summary
An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synaptics:smart_audio_uwp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60911CE4-DC1E-420B-BAAF-A881C026CB35",
"versionEndExcluding": "1.0.83.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lenovo:5-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E8EF8E-6096-418B-BE88-6C0DE0B8DAF9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:air-14_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE2CE62-FD58-4DA5-8E36-E09DD34174A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:c340-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA81101-6A60-4F8C-A9AE-3D4DE12E3D4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:flex-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6826664-4C5F-4BD1-80F8-BB7E41198122",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:s540-14iwl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64278716-BB66-437C-8829-97A05F3A636B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:s540-14iwl_touch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDFF08B-3CEA-4DB6-8B45-81113230FC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_11e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "247E4294-2547-4A1D-942A-170DA5DDB388",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AAD24C2-BA08-4827-A19A-33C4D71C573F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_a275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577AACCC-001A-4C73-B036-CA942080304F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_a285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "259D895B-9968-41CF-8DB4-FAAB5A4C04AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_a475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1D9347-9561-45A3-A434-3A0802BC8953",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_a485:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37B871C5-73F4-43FF-BCF1-B9B1B52FAC31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA339604-9751-43FA-B76F-7F2171615EC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e450c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ACFA23-CA56-4350-971D-DEF9B1EB2ADB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e455:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CE114D6-94A7-49E3-B59F-A15F5C0CA091",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e460:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57A9D0E7-6995-4485-948D-1C6AE3DA0852",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e465:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E37D1D5-96FF-43AD-963C-89263E578EAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB3B20B-F86E-4D83-BFD1-A70BE06B55CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e475:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7A17E2-C8F2-4AF0-BF87-14B3AD0EF75A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F18F059-A701-41EE-B711-46DC7B5A1389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e485:-:*:*:*:*:*:*:*",
"matchCriteriaId": "342DF899-78B0-4573-B631-8E607AB569C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3647F05A-FE86-494A-BA16-0009C7ACB799",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e490s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50B892C3-C61F-452C-9A84-7824F4184F04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF19B858-DE7F-4A32-ACC3-ECEF1247FF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e545:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E6DD33-F8B0-4B7F-A777-4CDC8CDB5D5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "516C4759-773C-4975-AEF5-9976E0DFD36E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e550c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33A5B02A-5CAF-4313-BF39-56501EC5638E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e555:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5262D8E3-E4AB-433D-8752-043A12129A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1503BA-645A-4051-8DE7-1DCCACC5D25A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e565:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E98974C2-F0F8-4BB1-8AB6-10E71B3C614F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35D0C7-721B-4AD7-A483-E1671C00C227",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e575:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F16C4BFE-5054-470D-9BF8-8A8B2DE3F4E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E574BA8-65D9-4836-B448-254D613DA86E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e585:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3E9204-096A-43CF-BF1A-808691A2975B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_e590:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D03AC004-4251-47AB-AE46-2BDD93F884D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_edge_e440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594AB083-54EA-4BE3-9978-644E85CEA340",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_edge_e445:-:*:*:*:*:*:*:*",
"matchCriteriaId": "272C1500-E07F-4340-9207-F778C6AEB3CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FFC7C4-2CAF-440A-8ED8-F25EA19F86C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l380_yoga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2187E37E-E3D6-467A-934C-D5613FBF8641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l390_yoga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17DD928B-F0BF-44F1-9EA4-DC82233A2E69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9E5785-3AC4-4BAF-BFA8-86C327C9183F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A581500-3F97-4B68-92F9-0EE9182603CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l460:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25DE4E9C-5296-4FB5-A2FD-363D4682E6D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0930094D-D5E5-4941-8C0C-1C8208310D68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "146462F0-69DA-4583-84C5-E1F2CE27E274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3F27E4-1508-444A-ADC5-694B67383F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_l580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3245C2B-CED0-442E-ADE4-240F77D8AEC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_p1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF379C36-AD7A-4C89-9636-2EC418D34D59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "164E0FD3-1B46-4D18-B640-B350CA464961",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_p53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D79A7D7F-7F46-4AD8-B90F-79E43B410E75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_p73:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5456AA95-094C-461C-85D4-22BDD23DF826",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_r490:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F639EA7-4C2E-4766-94E3-8ED531026119",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_r590:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E9F1A6-F657-455D-979E-15493E698542",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s1_3rd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB8219F-2EF5-4882-B007-86F9AE2ECEEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s1_yoga_12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52944176-C48C-4439-B0F5-9584491867CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_3rd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D41F220A-8F71-49A7-BE07-D0B885C6CEB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_4th_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71D21EBE-E2DE-4FB3-93ED-0DD0B33C829B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B96D333-5403-49F1-8B53-1BD61BD8E0AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s3-s440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA02160-1D81-44CE-8B2E-594784303464",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s3_3rd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C9FC9E-5E61-4890-A102-91B3461516F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s3_yoga_14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B32CEBA9-DE1B-415F-9F7A-4D790E46AA4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_s5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF7D68C-E60D-4181-9CD9-70111252B8D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D943E973-EEAF-48E6-BD8A-05C61EA4FD0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t450s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB7FFCD-F586-4846-9053-B56EA599D4EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t460:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D86FD3AD-D731-4C30-8A72-EC1A45B203F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t460p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E6AE13-913E-4FD7-A0DC-F554605F81B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_t470p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8796BA28-2705-4798-A95C-A821BB941A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_extreme:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B89E5E-808D-4500-A33D-3B86E8CB28D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08393A13-D68E-4042-B223-EF80E581EEBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94532BBF-D9CF-4164-BACA-AFEA8C35806C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_x380_yoga:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E1704F-6BB6-4B7C-ADE6-720533FB46E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_11e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C2E66F-B45C-4850-8C19-2AD84939173C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_11e_3rd_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8D4BE6-6E87-4892-9E16-2799D0E0CA21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_11e_4th_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24977327-E104-4F51-8CF1-6EF1FEAED9F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_11e_5th_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75F5B67B-0DFE-4FE3-B362-641DBE29A6C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_14_460_s3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F100E9-0BB9-4503-9B0D-20ECE5702568",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30B0E5C1-5A7B-4310-A4D3-A12E1F059568",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:v130-15igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5053055-975C-4074-A9BA-BEB2E055DDEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:v130-15ikb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E32DEE9B-A1C0-4679-BDE3-21E57977443F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:v310-15igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6636D55-E926-470B-A0A0-3E8EFD0ABCED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:v330-15igm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "018037E5-FBB5-4B50-AC0C-CE99EAE992DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lenovo:yoga_14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593CFCC6-4960-45EB-92C2-C8CA8757C103",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code."
},
{
"lang": "es",
"value": "Se report\u00f3 una vulnerabilidad de ruta de b\u00fasqueda sin comillas en versiones anteriores a 1.0.83.0 de la aplicaci\u00f3n Synaptics Smart Audio UWP asociada con los controladores de audio DCHU en las plataformas de Lenovo que podr\u00edan permitir a un usuario administrativo ejecutar c\u00f3digo arbitrario"
}
],
"id": "CVE-2020-8337",
"lastModified": "2024-11-21T05:38:44.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-09T20:15:22.773",
"references": [
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
],
"sourceIdentifier": "psirt@lenovo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "psirt@lenovo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-8337 (GCVE-0-2020-8337)
Vulnerability from cvelistv5 – Published: 2020-06-09 19:50 – Updated: 2024-09-16 18:38
VLAI?
Summary
An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Synaptics Smart Audio UWP App |
Affected:
unspecified , < 1.0.83.0
(custom)
|
Credits
Synaptics would like to thank Michele Dell'Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synaptics Smart Audio UWP App",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.0.83.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Synaptics would like to thank Michele Dell\u0027Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue."
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T19:50:38",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to version 1.0.83.0 (or later) of the Smart Audio app, which installs with the corresponding audio driver version."
}
],
"source": {
"advisory": "LEN-3707",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-06-09T18:00:00.000Z",
"ID": "CVE-2020-8337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synaptics Smart Audio UWP App",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.83.0"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Synaptics would like to thank Michele Dell\u0027Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428 Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len-30707",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"name": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf",
"refsource": "MISC",
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to version 1.0.83.0 (or later) of the Smart Audio app, which installs with the corresponding audio driver version."
}
],
"source": {
"advisory": "LEN-3707",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8337",
"datePublished": "2020-06-09T19:50:38.150822Z",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-09-16T18:38:25.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8337 (GCVE-0-2020-8337)
Vulnerability from nvd – Published: 2020-06-09 19:50 – Updated: 2024-09-16 18:38
VLAI?
Summary
An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lenovo | Synaptics Smart Audio UWP App |
Affected:
unspecified , < 1.0.83.0
(custom)
|
Credits
Synaptics would like to thank Michele Dell'Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synaptics Smart Audio UWP App",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.0.83.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Synaptics would like to thank Michele Dell\u0027Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue."
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T19:50:38",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to version 1.0.83.0 (or later) of the Smart Audio app, which installs with the corresponding audio driver version."
}
],
"source": {
"advisory": "LEN-3707",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2020-06-09T18:00:00.000Z",
"ID": "CVE-2020-8337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synaptics Smart Audio UWP App",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.83.0"
}
]
}
}
]
},
"vendor_name": "Lenovo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Synaptics would like to thank Michele Dell\u0027Uomo (Quantum Leap Srl - a Deloitte business) for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428 Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len-30707",
"refsource": "MISC",
"url": "https://support.lenovo.com/us/en/product_security/len-30707"
},
{
"name": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf",
"refsource": "MISC",
"url": "https://www.synaptics.com/sites/default/files/audio-driver-security-brief-2020-06-09.pdf"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to version 1.0.83.0 (or later) of the Smart Audio app, which installs with the corresponding audio driver version."
}
],
"source": {
"advisory": "LEN-3707",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2020-8337",
"datePublished": "2020-06-09T19:50:38.150822Z",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-09-16T18:38:25.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}