Vulnerabilites related to lenovo - thinkpad_t590_\(20nx\)
cve-2020-8341
Vulnerability from cvelistv5
Published
2020-09-01 21:30
Modified
2024-09-16 23:16
Severity ?
EPSS score ?
Summary
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.
References
▼ | URL | Tags |
---|---|---|
https://support.lenovo.com/us/en/product_security/LEN-30042 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:56:28.358Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ThinkPad", vendor: "Lenovo", versions: [ { status: "affected", version: "various", }, ], }, ], datePublic: "2020-09-01T00:00:00", descriptions: [ { lang: "en", value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.", }, ], problemTypes: [ { descriptions: [ { description: "None", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-01T21:30:16", orgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b", shortName: "lenovo", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], solutions: [ { lang: "en", value: "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx.", }, ], source: { advisory: "LEN-30042", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@lenovo.com", DATE_PUBLIC: "2020-09-01T21:00:00.000Z", ID: "CVE-2020-8341", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "ThinkPad", version: { version_data: [ { version_affected: "=", version_value: "various", }, ], }, }, ], }, vendor_name: "Lenovo", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "None", }, ], }, ], }, references: { reference_data: [ { name: "https://support.lenovo.com/us/en/product_security/LEN-30042", refsource: "MISC", url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], }, solution: [ { lang: "en", value: "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx.", }, ], source: { advisory: "LEN-30042", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b", assignerShortName: "lenovo", cveId: "CVE-2020-8341", datePublished: "2020-09-01T21:30:16.648832Z", dateReserved: "2020-01-28T00:00:00", dateUpdated: "2024-09-16T23:16:41.057Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-8336
Vulnerability from cvelistv5
Published
2020-06-09 19:50
Modified
2024-09-16 19:56
Severity ?
EPSS score ?
Summary
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
References
▼ | URL | Tags |
---|---|---|
https://support.lenovo.com/us/en/product_security/LEN-30042 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:56:28.349Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIOS", vendor: "Lenovo", versions: [ { status: "affected", version: "various", }, ], }, ], credits: [ { lang: "en", value: "Lenovo thanks Maxim Goryachy & Mark Ermolov of Positive Technologies", }, ], datePublic: "2020-06-09T00:00:00", descriptions: [ { lang: "en", value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "anti rollback prevention", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-09T19:50:37", orgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b", shortName: "lenovo", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], solutions: [ { lang: "en", value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-30042.", }, ], source: { advisory: "LEN-30042", discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@lenovo.com", DATE_PUBLIC: "2020-06-09T18:00:00.000Z", ID: "CVE-2020-8336", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIOS", version: { version_data: [ { version_affected: "=", version_value: "various", }, ], }, }, ], }, vendor_name: "Lenovo", }, ], }, }, credit: [ { lang: "eng", value: "Lenovo thanks Maxim Goryachy & Mark Ermolov of Positive Technologies", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "anti rollback prevention", }, ], }, ], }, references: { reference_data: [ { name: "https://support.lenovo.com/us/en/product_security/LEN-30042", refsource: "MISC", url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], }, solution: [ { lang: "en", value: "Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-30042.", }, ], source: { advisory: "LEN-30042", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "da227ddf-6e25-4b41-b023-0f976dcaca4b", assignerShortName: "lenovo", cveId: "CVE-2020-8336", datePublished: "2020-06-09T19:50:37.711121Z", dateReserved: "2020-01-28T00:00:00", dateUpdated: "2024-09-16T19:56:08.433Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2020-09-01 22:15
Modified
2024-11-21 05:38
Severity ?
Summary
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0ED900A-DA9D-4AB6-9BE4-3037D45978C2", versionEndExcluding: "n2iet90w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "0FCE9161-C5D8-4BC2-B075-C828EE330953", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D381BE27-C4D8-41E8-BFB4-4F215CF95D50", versionEndExcluding: "n2iet90w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "DFC65D06-DEF3-43B1-87D0-4E77E87788AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F54EAADF-C531-458A-93EB-3BEFFCB46D29", versionEndExcluding: "n2ret16w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20rx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CE25D8AC-240A-4282-9740-9936B6993056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D47E30A9-5816-4403-82FE-093FDE585945", versionEndExcluding: "n2jet89w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490s_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "AD17ABF1-EC17-42FE-9423-CC4667BE8F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t495_drift_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33CEA6E9-09DD-45AB-B77D-1DB74BE1721D", versionEndExcluding: "2020-08-30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t495_drift:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E27B26-3BF6-4FCE-BF1B-8F0B857BF454", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t590_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F7D8E1B5-4883-4D69-B49C-C5B87846C214", versionEndExcluding: "n2iet90w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t590_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "807167DF-CB8C-4236-86A5-B82899157830", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1736FD68-7594-4641-B5F2-8CA561CF82CC", versionEndExcluding: "n2het54w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "449F3F75-026A-46FA-BEAC-C07709428D3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A18FEBB-D550-43EF-8C49-A67C08230FCC", versionEndExcluding: "n2het54w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "02F1D644-18DE-4C44-855A-76FC4762877E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ECDED187-4666-4F97-A367-AD3328D26BB1", versionEndExcluding: "n2jet89w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "AC972297-7E55-49E8-A305-22947FB65768", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3", versionEndExcluding: "n2set18w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20sx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.", }, { lang: "es", value: "En los sistemas Lenovo, SMM BIOS Write Protection es usada para impedir escrituras en la SPI Flash. Si bien esto proporciona suficiente protección, una capa adicional de protección es proporcionada por SPI Protected Range Registers (PRx). Después de reanudar desde el modo de suspensión S3 en varias versiones de BIOS para algunos sistemas Lenovo ThinkPad, el PRx no está configurado. Esto no afecta a SMM BIOS Write Protection, que mantiene los sistemas protegidos", }, ], id: "CVE-2020-8341", lastModified: "2024-11-21T05:38:44.680", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 2.4, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-01T22:15:10.377", references: [ { source: "psirt@lenovo.com", tags: [ "Vendor Advisory", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], sourceIdentifier: "psirt@lenovo.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-09 20:15
Modified
2024-11-21 05:38
Severity ?
6.4 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_e14_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4DC3C121-2198-4D29-B45C-9DE1DC965B8C", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_e14:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0A0B6A-7932-4811-BC62-575B3FA9F86C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_e15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A11AFBE0-6FAB-477D-9899-F5B3C0816351", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_e15:-:*:*:*:*:*:*:*", matchCriteriaId: "7E9EC7DC-D272-4986-8320-B5920E3EC2F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_r14_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2595B9BE-8FA4-400A-A1B5-EAC9B06B9D78", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_r14:-:*:*:*:*:*:*:*", matchCriteriaId: "438ACF29-9418-42FD-B4AB-F67A80A52C32", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_s3_gen_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3C8A33D6-445B-4ECC-A838-6BEB1DAD1A17", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_s3_gen_2:-:*:*:*:*:*:*:*", matchCriteriaId: "FC3319D1-F0B2-4E48-B55D-90E7AD5123BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_e490s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11E0E20B-2CD6-4793-BF59-459F546E802A", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_e490s:-:*:*:*:*:*:*:*", matchCriteriaId: "50B892C3-C61F-452C-9A84-7824F4184F04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_s3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9158F4F9-4F3D-4F25-BC80-D58BF37DFEDF", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_s3:-:*:*:*:*:*:*:*", matchCriteriaId: "4B96D333-5403-49F1-8B53-1BD61BD8E0AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_e490_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E7E04AB-6CFA-45CF-9451-CA93B17886CC", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_e490:-:*:*:*:*:*:*:*", matchCriteriaId: "3647F05A-FE86-494A-BA16-0009C7ACB799", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_e590_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53CAC99C-6F5C-4956-8AC7-F06CEACB72D9", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_e590:-:*:*:*:*:*:*:*", matchCriteriaId: "D03AC004-4251-47AB-AE46-2BDD93F884D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_r490_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9EC3034-26AB-4C3D-B8A3-ED0C07C11561", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_r490:-:*:*:*:*:*:*:*", matchCriteriaId: "2F639EA7-4C2E-4766-94E3-8ED531026119", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_r590_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87D8E689-363F-4FFE-9752-7900E82A7320", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_r590:-:*:*:*:*:*:*:*", matchCriteriaId: "87E9F1A6-F657-455D-979E-15493E698542", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_l13_1st_gen_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27BF4C83-C352-4ACA-84D9-96752207A261", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_l13_1st_gen:-:*:*:*:*:*:*:*", matchCriteriaId: "C16CF1F6-3582-4D88-B640-11423C64A752", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_l1415_gen_1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC90658F-F00F-4A6F-A277-EAD4986BEE68", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_l1415_gen_1:-:*:*:*:*:*:*:*", matchCriteriaId: "828A7B3F-AADC-4BFA-AD78-145F3E00F7CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_l390_yoga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99347D7C-6BE2-4608-855C-A90F63444CD8", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_l390_yoga:-:*:*:*:*:*:*:*", matchCriteriaId: "17DD928B-F0BF-44F1-9EA4-DC82233A2E69", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_s2_yoga_4th_gen_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE5765F4-1955-4BD0-AC2F-E7FD56F2F185", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_s2_yoga_4th_gen:-:*:*:*:*:*:*:*", matchCriteriaId: "71D21EBE-E2DE-4FB3-93ED-0DD0B33C829B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_l490_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0458A09D-100A-4F82-8F77-71B8552EE452", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_l490:-:*:*:*:*:*:*:*", matchCriteriaId: "EFE6D03B-0689-482E-8034-D7DC06249F0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_l590_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "574B7B2D-689F-4702-9BE8-47721D6B3638", versionEndExcluding: "2020-07-10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_l590:-:*:*:*:*:*:*:*", matchCriteriaId: "82885E0E-257F-4F3F-B16B-35C9FA8D349B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p1_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D06C40E-A184-440F-ACAF-0694BBF09539", versionEndExcluding: "n2eet47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p1_\\(20mx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "EE691ED7-14C7-45A7-9BE8-8F11A7C389C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p1_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D6F2A5F-1197-415C-AB94-F4FB471797D3", versionEndExcluding: "n2oet44w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p1_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "9509F2A5-F280-48B2-9573-EF5397B49E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p43s_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1C0E59EA-3690-47F2-A455-590A241B294C", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p43s_\\(20rx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "C3EBEBB7-31A3-433D-9B28-77D027313248", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p52_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C709FB01-FFD1-49ED-B8CF-0E6E4A0F6CAD", versionEndExcluding: "n2cet51w-1.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p52_\\(20mx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "A8904E6D-9951-4C78-A9FC-70ADB441C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p53_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E274C677-A79C-4EFF-9C29-87A4AF01609F", versionEndExcluding: "n2net37w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p53_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "41BC3E03-773C-4223-9B46-A31AA5B8D411", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p53s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EEF2E9E-4E53-49D4-B70E-96F362E5E021", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p53s_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "205A0A26-FEC1-4476-9C4F-DF93973DB1A1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p72_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "843BBB4C-76E7-4A05-A2B8-CED5C084BD83", versionEndExcluding: "n2cet51w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p72_\\(20mx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "BA19FB79-9AD1-4C1D-87A2-A2A05CAA30F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_p73_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D828F960-B95C-4EAD-ADA5-AE0911341497", versionEndExcluding: "n2net37w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_p73_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "9BB3743F-FD8B-4F56-866D-E649FAD1D159", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "661F2BB9-BB04-4295-A58D-9501BE4E51D2", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "0FCE9161-C5D8-4BC2-B075-C828EE330953", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A47B9CBD-A18B-4017-9BC7-5BCA87DA97C7", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "DFC65D06-DEF3-43B1-87D0-4E77E87788AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A0763F3-64DC-41D2-BB82-33A5A612B82A", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490_\\(20rx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "CE25D8AC-240A-4282-9740-9936B6993056", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t490s_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16CEBEE6-AFC4-42DD-9454-1FE877A8D705", versionEndExcluding: "n2jet87w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t490s_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "AD17ABF1-EC17-42FE-9423-CC4667BE8F46", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_t590_\\(20nx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08AE1515-079B-4940-B2B6-DFBFB75EFA7F", versionEndExcluding: "n2iet88w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_t590_\\(20nx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "807167DF-CB8C-4236-86A5-B82899157830", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1D828CE8-FB11-4529-8564-5997229CCB7D", versionEndExcluding: "n2het47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "449F3F75-026A-46FA-BEAC-C07709428D3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\(20rx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0C73D56D-D19D-4BFE-BF2E-08502586FDCE", versionEndExcluding: "n2het47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\(20rx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "E612BA69-D901-4402-AFC6-F5DB5FFC04FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_extreme_\\(20mx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF8F43E5-FD2B-4A68-93E6-D1A39EC87867", versionEndExcluding: "n2eet47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_extreme_\\(20mx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "A84FB66E-C317-40D2-9DD0-22B814521B8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_extreme_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5F582FC1-A59B-45F2-B20D-ADFBC5B5CB8C", versionEndExcluding: "n2oet44w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_extreme_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "7B3E2814-9E2C-45FC-94DF-EFCC337235CE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53B2C97B-4D7A-4E9A-B1C3-81E39B0052F0", versionEndExcluding: "n2het47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "02F1D644-18DE-4C44-855A-76FC4762877E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F70C1481-4D8F-4E9F-9F41-7DF9D4C5BB31", versionEndExcluding: "n2het47w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\(20sx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "5DCC3DCC-0146-4595-BFEF-7EA853E19DDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20qx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAE5ED0E-169A-41BF-B591-549BE9BAAA49", versionEndExcluding: "n2jet87w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20qx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "AC972297-7E55-49E8-A305-22947FB65768", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x390_\\(20sx\\)_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3", versionEndExcluding: "n2set18w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x390_\\(20sx\\):-:*:*:*:*:*:*:*", matchCriteriaId: "99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lenovo:thinkpad_x390_yoga_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "677361F8-C106-4992-96A9-17903481479F", versionEndExcluding: "n2let74w", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:lenovo:thinkpad_x390_yoga:-:*:*:*:*:*:*:*", matchCriteriaId: "30D40345-389F-4727-B549-1883C3454129", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.", }, { lang: "es", value: "Lenovo implementó protecciones de Intel CSME Anti-rollback ARB en algunos modelos ThinkPad para impedir la reversión del Firmware CSME en flash", }, ], id: "CVE-2020-8336", lastModified: "2024-11-21T05:38:44.077", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "psirt@lenovo.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-09T20:15:22.693", references: [ { source: "psirt@lenovo.com", tags: [ "Vendor Advisory", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://support.lenovo.com/us/en/product_security/LEN-30042", }, ], sourceIdentifier: "psirt@lenovo.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }