CVE-2020-8341 (GCVE-0-2020-8341)

Vulnerability from cvelistv5 – Published: 2020-09-01 21:30 – Updated: 2024-09-16 23:16
VLAI?
Summary
In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.
Severity ?
No CVSS data available.
CWE
  • None
Assigner
References
Impacted products
Vendor Product Version
Lenovo ThinkPad Affected: various
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.358Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-30042"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ThinkPad",
          "vendor": "Lenovo",
          "versions": [
            {
              "status": "affected",
              "version": "various"
            }
          ]
        }
      ],
      "datePublic": "2020-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "None",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T21:30:16",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-30042"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx."
        }
      ],
      "source": {
        "advisory": "LEN-30042",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2020-09-01T21:00:00.000Z",
          "ID": "CVE-2020-8341",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ThinkPad",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "various"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "None"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-30042",
              "refsource": "MISC",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-30042"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "No action required. Lenovo has updated BIOS for systems in the product impact section to implement this secondary protection, PRx."
          }
        ],
        "source": {
          "advisory": "LEN-30042",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2020-8341",
    "datePublished": "2020-09-01T21:30:16.648832Z",
    "dateReserved": "2020-01-28T00:00:00",
    "dateUpdated": "2024-09-16T23:16:41.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2iet90w\", \"matchCriteriaId\": \"C0ED900A-DA9D-4AB6-9BE4-3037D45978C2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FCE9161-C5D8-4BC2-B075-C828EE330953\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2iet90w\", \"matchCriteriaId\": \"D381BE27-C4D8-41E8-BFB4-4F215CF95D50\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFC65D06-DEF3-43B1-87D0-4E77E87788AD\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20rx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2ret16w\", \"matchCriteriaId\": \"F54EAADF-C531-458A-93EB-3BEFFCB46D29\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20rx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE25D8AC-240A-4282-9740-9936B6993056\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t490s_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2jet89w\", \"matchCriteriaId\": \"D47E30A9-5816-4403-82FE-093FDE585945\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t490s_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD17ABF1-EC17-42FE-9423-CC4667BE8F46\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t495_drift_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2020-08-30\", \"matchCriteriaId\": \"33CEA6E9-09DD-45AB-B77D-1DB74BE1721D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t495_drift:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0E27B26-3BF6-4FCE-BF1B-8F0B857BF454\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_t590_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2iet90w\", \"matchCriteriaId\": \"F7D8E1B5-4883-4D69-B49C-C5B87846C214\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_t590_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"807167DF-CB8C-4236-86A5-B82899157830\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2het54w\", \"matchCriteriaId\": \"1736FD68-7594-4641-B5F2-8CA561CF82CC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"449F3F75-026A-46FA-BEAC-C07709428D3B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2het54w\", \"matchCriteriaId\": \"7A18FEBB-D550-43EF-8C49-A67C08230FCC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02F1D644-18DE-4C44-855A-76FC4762877E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_x390_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2jet89w\", \"matchCriteriaId\": \"ECDED187-4666-4F97-A367-AD3328D26BB1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_x390_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC972297-7E55-49E8-A305-22947FB65768\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:lenovo:thinkpad_x390_\\\\(20sx\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"n2set18w\", \"matchCriteriaId\": \"898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:lenovo:thinkpad_x390_\\\\(20sx\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.\"}, {\"lang\": \"es\", \"value\": \"En los sistemas Lenovo, SMM BIOS Write Protection es usada para impedir escrituras en la SPI Flash.\u0026#xa0;Si bien esto proporciona suficiente protecci\\u00f3n, una capa adicional de protecci\\u00f3n es proporcionada por SPI Protected Range Registers (PRx).\u0026#xa0;Despu\\u00e9s de reanudar desde el modo de suspensi\\u00f3n S3 en varias versiones de BIOS para algunos sistemas Lenovo ThinkPad, el PRx no est\\u00e1 configurado.\u0026#xa0;Esto no afecta a SMM BIOS Write Protection, que mantiene los sistemas protegidos\"}]",
      "id": "CVE-2020-8341",
      "lastModified": "2024-11-21T05:38:44.680",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 2.4, \"baseSeverity\": \"LOW\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-09-01T22:15:10.377",
      "references": "[{\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-30042\", \"source\": \"psirt@lenovo.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-30042\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@lenovo.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-8341\",\"sourceIdentifier\":\"psirt@lenovo.com\",\"published\":\"2020-09-01T22:15:10.377\",\"lastModified\":\"2024-11-21T05:38:44.680\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient protection, an additional layer of protection is provided by SPI Protected Range Registers (PRx). After resuming from S3 sleep mode in various versions of BIOS for some Lenovo ThinkPad systems, the PRx is not set. This does not impact the SMM BIOS Write Protection, which keeps systems protected.\"},{\"lang\":\"es\",\"value\":\"En los sistemas Lenovo, SMM BIOS Write Protection es usada para impedir escrituras en la SPI Flash.\u0026#xa0;Si bien esto proporciona suficiente protecci\u00f3n, una capa adicional de protecci\u00f3n es proporcionada por SPI Protected Range Registers (PRx).\u0026#xa0;Despu\u00e9s de reanudar desde el modo de suspensi\u00f3n S3 en varias versiones de BIOS para algunos sistemas Lenovo ThinkPad, el PRx no est\u00e1 configurado.\u0026#xa0;Esto no afecta a SMM BIOS Write Protection, que mantiene los sistemas protegidos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":2.4,\"baseSeverity\":\"LOW\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2iet90w\",\"matchCriteriaId\":\"C0ED900A-DA9D-4AB6-9BE4-3037D45978C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCE9161-C5D8-4BC2-B075-C828EE330953\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2iet90w\",\"matchCriteriaId\":\"D381BE27-C4D8-41E8-BFB4-4F215CF95D50\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC65D06-DEF3-43B1-87D0-4E77E87788AD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t490_\\\\(20rx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2ret16w\",\"matchCriteriaId\":\"F54EAADF-C531-458A-93EB-3BEFFCB46D29\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t490_\\\\(20rx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE25D8AC-240A-4282-9740-9936B6993056\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t490s_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2jet89w\",\"matchCriteriaId\":\"D47E30A9-5816-4403-82FE-093FDE585945\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t490s_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD17ABF1-EC17-42FE-9423-CC4667BE8F46\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t495_drift_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2020-08-30\",\"matchCriteriaId\":\"33CEA6E9-09DD-45AB-B77D-1DB74BE1721D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t495_drift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0E27B26-3BF6-4FCE-BF1B-8F0B857BF454\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_t590_\\\\(20nx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2iet90w\",\"matchCriteriaId\":\"F7D8E1B5-4883-4D69-B49C-C5B87846C214\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_t590_\\\\(20nx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"807167DF-CB8C-4236-86A5-B82899157830\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_x1_carbon_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2het54w\",\"matchCriteriaId\":\"1736FD68-7594-4641-B5F2-8CA561CF82CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_x1_carbon_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"449F3F75-026A-46FA-BEAC-C07709428D3B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_x1_yoga_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2het54w\",\"matchCriteriaId\":\"7A18FEBB-D550-43EF-8C49-A67C08230FCC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_x1_yoga_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F1D644-18DE-4C44-855A-76FC4762877E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_x390_\\\\(20qx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2jet89w\",\"matchCriteriaId\":\"ECDED187-4666-4F97-A367-AD3328D26BB1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_x390_\\\\(20qx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC972297-7E55-49E8-A305-22947FB65768\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lenovo:thinkpad_x390_\\\\(20sx\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"n2set18w\",\"matchCriteriaId\":\"898080AE-8CD9-40D6-AA2A-3DC2FED5DCB3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lenovo:thinkpad_x390_\\\\(20sx\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C27CFA-A88C-40ED-9A6F-8E6CC9DDC6BD\"}]}]}],\"references\":[{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-30042\",\"source\":\"psirt@lenovo.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-30042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.