Vulnerabilites related to lenovo - thinkpad_t590_\(20nx\)
cve-2020-8341
Vulnerability from cvelistv5
Published
2020-09-01 21:30
Modified
2024-09-16 23:16
Severity ?
Summary
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.
References
Impacted products
Vendor Product Version
Lenovo ThinkPad Version: various
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:56:28.358Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "ThinkPad",
               vendor: "Lenovo",
               versions: [
                  {
                     status: "affected",
                     version: "various",
                  },
               ],
            },
         ],
         datePublic: "2020-09-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "None",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-01T21:30:16",
            orgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
            shortName: "lenovo",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx.",
            },
         ],
         source: {
            advisory: "LEN-30042",
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@lenovo.com",
               DATE_PUBLIC: "2020-09-01T21:00:00.000Z",
               ID: "CVE-2020-8341",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "ThinkPad",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "=",
                                          version_value: "various",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Lenovo",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "None",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://support.lenovo.com/us/en/product_security/LEN-30042",
                     refsource: "MISC",
                     url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
                  },
               ],
            },
            solution: [
               {
                  lang: "en",
                  value: "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx.",
               },
            ],
            source: {
               advisory: "LEN-30042",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
      assignerShortName: "lenovo",
      cveId: "CVE-2020-8341",
      datePublished: "2020-09-01T21:30:16.648832Z",
      dateReserved: "2020-01-28T00:00:00",
      dateUpdated: "2024-09-16T23:16:41.057Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-8336
Vulnerability from cvelistv5
Published
2020-06-09 19:50
Modified
2024-09-16 19:56
Summary
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
References
Impacted products
Vendor Product Version
Lenovo BIOS Version: various
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:56:28.349Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "BIOS",
               vendor: "Lenovo",
               versions: [
                  {
                     status: "affected",
                     version: "various",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Lenovo thanks Maxim Goryachy & Mark Ermolov of Positive Technologies",
            },
         ],
         datePublic: "2020-06-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "PHYSICAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "anti rollback prevention",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-06-09T19:50:37",
            orgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
            shortName: "lenovo",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-30042.",
            },
         ],
         source: {
            advisory: "LEN-30042",
            discovery: "UNKNOWN",
         },
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@lenovo.com",
               DATE_PUBLIC: "2020-06-09T18:00:00.000Z",
               ID: "CVE-2020-8336",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "BIOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "=",
                                          version_value: "various",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Lenovo",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Lenovo thanks Maxim Goryachy & Mark Ermolov of Positive Technologies",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "PHYSICAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "anti rollback prevention",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://support.lenovo.com/us/en/product_security/LEN-30042",
                     refsource: "MISC",
                     url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
                  },
               ],
            },
            solution: [
               {
                  lang: "en",
                  value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-30042.",
               },
            ],
            source: {
               advisory: "LEN-30042",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b",
      assignerShortName: "lenovo",
      cveId: "CVE-2020-8336",
      datePublished: "2020-06-09T19:50:37.711121Z",
      dateReserved: "2020-01-28T00:00:00",
      dateUpdated: "2024-09-16T19:56:08.433Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2020-09-01 22:15
Modified
2024-11-21 05:38
Summary
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0ED900A-DA9D-4AB6-9BE4-3037D45978C2",
                     versionEndExcluding: "n2iet90w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FCE9161-C5D8-4BC2-B075-C828EE330953",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D381BE27-C4D8-41E8-BFB4-4F215CF95D50",
                     versionEndExcluding: "n2iet90w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFC65D06-DEF3-43B1-87D0-4E77E87788AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F54EAADF-C531-458A-93EB-3BEFFCB46D29",
                     versionEndExcluding: "n2ret16w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20rx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE25D8AC-240A-4282-9740-9936B6993056",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D47E30A9-5816-4403-82FE-093FDE585945",
                     versionEndExcluding: "n2jet89w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490s_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD17ABF1-EC17-42FE-9423-CC4667BE8F46",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t495_drift_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "33CEA6E9-09DD-45AB-B77D-1DB74BE1721D",
                     versionEndExcluding: "2020-08-30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t495_drift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0E27B26-3BF6-4FCE-BF1B-8F0B857BF454",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t590_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7D8E1B5-4883-4D69-B49C-C5B87846C214",
                     versionEndExcluding: "n2iet90w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t590_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "807167DF-CB8C-4236-86A5-B82899157830",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1736FD68-7594-4641-B5F2-8CA561CF82CC",
                     versionEndExcluding: "n2het54w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "449F3F75-026A-46FA-BEAC-C07709428D3B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A18FEBB-D550-43EF-8C49-A67C08230FCC",
                     versionEndExcluding: "n2het54w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02F1D644-18DE-4C44-855A-76FC4762877E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECDED187-4666-4F97-A367-AD3328D26BB1",
                     versionEndExcluding: "n2jet89w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC972297-7E55-49E8-A305-22947FB65768",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3",
                     versionEndExcluding: "n2set18w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20sx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.",
      },
      {
         lang: "es",
         value: "En los sistemas Lenovo, SMM BIOS Write Protection es usada para impedir escrituras en la SPI Flash. Si bien esto proporciona suficiente protección, una capa adicional de protección es proporcionada por SPI Protected Range Registers (PRx). Después de reanudar desde el modo de suspensión S3 en varias versiones de BIOS para algunos sistemas Lenovo ThinkPad, el PRx no está configurado. Esto no afecta a SMM BIOS Write Protection, que mantiene los sistemas protegidos",
      },
   ],
   id: "CVE-2020-8341",
   lastModified: "2024-11-21T05:38:44.680",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 2.1,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "NONE",
               baseScore: 2.4,
               baseSeverity: "LOW",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-01T22:15:10.377",
   references: [
      {
         source: "psirt@lenovo.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
      },
   ],
   sourceIdentifier: "psirt@lenovo.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-09 20:15
Modified
2024-11-21 05:38
Summary
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
Impacted products
Vendor Product Version
lenovo thinkpad_e14_firmware *
lenovo thinkpad_e14 -
lenovo thinkpad_e15_firmware *
lenovo thinkpad_e15 -
lenovo thinkpad_r14_firmware *
lenovo thinkpad_r14 -
lenovo thinkpad_s3_gen_2_firmware *
lenovo thinkpad_s3_gen_2 -
lenovo thinkpad_e490s_firmware *
lenovo thinkpad_e490s -
lenovo thinkpad_s3_firmware *
lenovo thinkpad_s3 -
lenovo thinkpad_e490_firmware *
lenovo thinkpad_e490 -
lenovo thinkpad_e590_firmware *
lenovo thinkpad_e590 -
lenovo thinkpad_r490_firmware *
lenovo thinkpad_r490 -
lenovo thinkpad_r590_firmware *
lenovo thinkpad_r590 -
lenovo thinkpad_l13_1st_gen_firmware *
lenovo thinkpad_l13_1st_gen -
lenovo thinkpad_l1415_gen_1_firmware *
lenovo thinkpad_l1415_gen_1 -
lenovo thinkpad_l390_yoga_firmware *
lenovo thinkpad_l390_yoga -
lenovo thinkpad_s2_yoga_4th_gen_firmware *
lenovo thinkpad_s2_yoga_4th_gen -
lenovo thinkpad_l490_firmware *
lenovo thinkpad_l490 -
lenovo thinkpad_l590_firmware *
lenovo thinkpad_l590 -
lenovo thinkpad_p1_\(20mx\)_firmware *
lenovo thinkpad_p1_\(20mx\) -
lenovo thinkpad_p1_\(20qx\)_firmware *
lenovo thinkpad_p1_\(20qx\) -
lenovo thinkpad_p43s_\(20rx\)_firmware *
lenovo thinkpad_p43s_\(20rx\) -
lenovo thinkpad_p52_\(20mx\)_firmware *
lenovo thinkpad_p52_\(20mx\) -
lenovo thinkpad_p53_\(20qx\)_firmware *
lenovo thinkpad_p53_\(20qx\) -
lenovo thinkpad_p53s_\(20nx\)_firmware *
lenovo thinkpad_p53s_\(20nx\) -
lenovo thinkpad_p72_\(20mx\)_firmware *
lenovo thinkpad_p72_\(20mx\) -
lenovo thinkpad_p73_\(20qx\)_firmware *
lenovo thinkpad_p73_\(20qx\) -
lenovo thinkpad_t490_\(20nx\)_firmware *
lenovo thinkpad_t490_\(20nx\) -
lenovo thinkpad_t490_\(20qx\)_firmware *
lenovo thinkpad_t490_\(20qx\) -
lenovo thinkpad_t490_\(20rx\)_firmware *
lenovo thinkpad_t490_\(20rx\) -
lenovo thinkpad_t490s_\(20nx\)_firmware *
lenovo thinkpad_t490s_\(20nx\) -
lenovo thinkpad_t590_\(20nx\)_firmware *
lenovo thinkpad_t590_\(20nx\) -
lenovo thinkpad_x1_carbon_\(20qx\)_firmware *
lenovo thinkpad_x1_carbon_\(20qx\) -
lenovo thinkpad_x1_carbon_\(20rx\)_firmware *
lenovo thinkpad_x1_carbon_\(20rx\) -
lenovo thinkpad_x1_extreme_\(20mx\)_firmware *
lenovo thinkpad_x1_extreme_\(20mx\) -
lenovo thinkpad_x1_extreme_\(20qx\)_firmware *
lenovo thinkpad_x1_extreme_\(20qx\) -
lenovo thinkpad_x1_yoga_\(20qx\)_firmware *
lenovo thinkpad_x1_yoga_\(20qx\) -
lenovo thinkpad_x1_yoga_\(20sx\)_firmware *
lenovo thinkpad_x1_yoga_\(20sx\) -
lenovo thinkpad_x390_\(20qx\)_firmware *
lenovo thinkpad_x390_\(20qx\) -
lenovo thinkpad_x390_\(20sx\)_firmware *
lenovo thinkpad_x390_\(20sx\) -
lenovo thinkpad_x390_yoga_firmware *
lenovo thinkpad_x390_yoga -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DC3C121-2198-4D29-B45C-9DE1DC965B8C",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0A0B6A-7932-4811-BC62-575B3FA9F86C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A11AFBE0-6FAB-477D-9899-F5B3C0816351",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9EC7DC-D272-4986-8320-B5920E3EC2F5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_r14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2595B9BE-8FA4-400A-A1B5-EAC9B06B9D78",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_r14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "438ACF29-9418-42FD-B4AB-F67A80A52C32",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_s3_gen_2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C8A33D6-445B-4ECC-A838-6BEB1DAD1A17",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_s3_gen_2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC3319D1-F0B2-4E48-B55D-90E7AD5123BB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e490s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "11E0E20B-2CD6-4793-BF59-459F546E802A",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e490s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50B892C3-C61F-452C-9A84-7824F4184F04",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_s3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9158F4F9-4F3D-4F25-BC80-D58BF37DFEDF",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_s3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B96D333-5403-49F1-8B53-1BD61BD8E0AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e490_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E7E04AB-6CFA-45CF-9451-CA93B17886CC",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e490:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3647F05A-FE86-494A-BA16-0009C7ACB799",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_e590_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "53CAC99C-6F5C-4956-8AC7-F06CEACB72D9",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_e590:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D03AC004-4251-47AB-AE46-2BDD93F884D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_r490_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9EC3034-26AB-4C3D-B8A3-ED0C07C11561",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_r490:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F639EA7-4C2E-4766-94E3-8ED531026119",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_r590_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "87D8E689-363F-4FFE-9752-7900E82A7320",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_r590:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87E9F1A6-F657-455D-979E-15493E698542",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l13_1st_gen_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27BF4C83-C352-4ACA-84D9-96752207A261",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l13_1st_gen:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C16CF1F6-3582-4D88-B640-11423C64A752",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l1415_gen_1_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC90658F-F00F-4A6F-A277-EAD4986BEE68",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l1415_gen_1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "828A7B3F-AADC-4BFA-AD78-145F3E00F7CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l390_yoga_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "99347D7C-6BE2-4608-855C-A90F63444CD8",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l390_yoga:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17DD928B-F0BF-44F1-9EA4-DC82233A2E69",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_s2_yoga_4th_gen_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE5765F4-1955-4BD0-AC2F-E7FD56F2F185",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_s2_yoga_4th_gen:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71D21EBE-E2DE-4FB3-93ED-0DD0B33C829B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l490_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0458A09D-100A-4F82-8F77-71B8552EE452",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l490:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFE6D03B-0689-482E-8034-D7DC06249F0A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_l590_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "574B7B2D-689F-4702-9BE8-47721D6B3638",
                     versionEndExcluding: "2020-07-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_l590:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82885E0E-257F-4F3F-B16B-35C9FA8D349B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p1_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D06C40E-A184-440F-ACAF-0694BBF09539",
                     versionEndExcluding: "n2eet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p1_\\(20mx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE691ED7-14C7-45A7-9BE8-8F11A7C389C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p1_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D6F2A5F-1197-415C-AB94-F4FB471797D3",
                     versionEndExcluding: "n2oet44w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p1_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9509F2A5-F280-48B2-9573-EF5397B49E58",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p43s_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C0E59EA-3690-47F2-A455-590A241B294C",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p43s_\\(20rx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3EBEBB7-31A3-433D-9B28-77D027313248",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p52_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C709FB01-FFD1-49ED-B8CF-0E6E4A0F6CAD",
                     versionEndExcluding: "n2cet51w-1.34",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p52_\\(20mx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8904E6D-9951-4C78-A9FC-70ADB441C3BB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p53_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E274C677-A79C-4EFF-9C29-87A4AF01609F",
                     versionEndExcluding: "n2net37w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p53_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41BC3E03-773C-4223-9B46-A31AA5B8D411",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p53s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EEF2E9E-4E53-49D4-B70E-96F362E5E021",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p53s_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "205A0A26-FEC1-4476-9C4F-DF93973DB1A1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p72_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "843BBB4C-76E7-4A05-A2B8-CED5C084BD83",
                     versionEndExcluding: "n2cet51w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p72_\\(20mx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA19FB79-9AD1-4C1D-87A2-A2A05CAA30F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_p73_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D828F960-B95C-4EAD-ADA5-AE0911341497",
                     versionEndExcluding: "n2net37w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_p73_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BB3743F-FD8B-4F56-866D-E649FAD1D159",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "661F2BB9-BB04-4295-A58D-9501BE4E51D2",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FCE9161-C5D8-4BC2-B075-C828EE330953",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A47B9CBD-A18B-4017-9BC7-5BCA87DA97C7",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFC65D06-DEF3-43B1-87D0-4E77E87788AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A0763F3-64DC-41D2-BB82-33A5A612B82A",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20rx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE25D8AC-240A-4282-9740-9936B6993056",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t490s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "16CEBEE6-AFC4-42DD-9454-1FE877A8D705",
                     versionEndExcluding: "n2jet87w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t490s_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD17ABF1-EC17-42FE-9423-CC4667BE8F46",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_t590_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08AE1515-079B-4940-B2B6-DFBFB75EFA7F",
                     versionEndExcluding: "n2iet88w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_t590_\\(20nx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "807167DF-CB8C-4236-86A5-B82899157830",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D828CE8-FB11-4529-8564-5997229CCB7D",
                     versionEndExcluding: "n2het47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "449F3F75-026A-46FA-BEAC-C07709428D3B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C73D56D-D19D-4BFE-BF2E-08502586FDCE",
                     versionEndExcluding: "n2het47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20rx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E612BA69-D901-4402-AFC6-F5DB5FFC04FD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_extreme_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF8F43E5-FD2B-4A68-93E6-D1A39EC87867",
                     versionEndExcluding: "n2eet47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_extreme_\\(20mx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A84FB66E-C317-40D2-9DD0-22B814521B8E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_extreme_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F582FC1-A59B-45F2-B20D-ADFBC5B5CB8C",
                     versionEndExcluding: "n2oet44w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_extreme_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B3E2814-9E2C-45FC-94DF-EFCC337235CE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "53B2C97B-4D7A-4E9A-B1C3-81E39B0052F0",
                     versionEndExcluding: "n2het47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "02F1D644-18DE-4C44-855A-76FC4762877E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F70C1481-4D8F-4E9F-9F41-7DF9D4C5BB31",
                     versionEndExcluding: "n2het47w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20sx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCC3DCC-0146-4595-BFEF-7EA853E19DDD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAE5ED0E-169A-41BF-B591-549BE9BAAA49",
                     versionEndExcluding: "n2jet87w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20qx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC972297-7E55-49E8-A305-22947FB65768",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3",
                     versionEndExcluding: "n2set18w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20sx\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:lenovo:thinkpad_x390_yoga_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "677361F8-C106-4992-96A9-17903481479F",
                     versionEndExcluding: "n2let74w",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:lenovo:thinkpad_x390_yoga:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "30D40345-389F-4727-B549-1883C3454129",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.",
      },
      {
         lang: "es",
         value: "Lenovo implementó protecciones de Intel CSME Anti-rollback ARB en algunos modelos ThinkPad para impedir la reversión del Firmware CSME en flash",
      },
   ],
   id: "CVE-2020-8336",
   lastModified: "2024-11-21T05:38:44.077",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 6.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.5,
            impactScore: 5.9,
            source: "psirt@lenovo.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-09T20:15:22.693",
   references: [
      {
         source: "psirt@lenovo.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.lenovo.com/us/en/product_security/LEN-30042",
      },
   ],
   sourceIdentifier: "psirt@lenovo.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}