CVE-2020-8333

EPSS 0.04%
Published 24.09.2020 21:15:15
Last modified 21.11.2024 05:38:43
Source psirt@lenovo.com
Teams watchlist Login
Open Login

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution

Affected products Warnungen 0 Metrics 4 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ 63 Firmware Version < fckt98a

Lenovo ≫ 63 Version-

Lenovo ≫ H50-30g Firmware Version < fckt98a

Lenovo ≫ H50-30g Version-

Lenovo ≫ M4500 Firmware Version < fckt98a

Lenovo ≫ M4500 Version-

Lenovo ≫ M4550 Firmware Version < fckt98a

Lenovo ≫ M4550 Version-

Lenovo ≫ Qitian 4500 Firmware Version < fckt98a

Lenovo ≫ Qitian 4500 Version-

Lenovo ≫ Qitian B4550 Firmware Version < fckt98a

Lenovo ≫ Qitian B4550 Version-

Lenovo ≫ Qitian M4550 Firmware Version < fckt98a

Lenovo ≫ Qitian M4550 Version-

Lenovo ≫ Thinkcentre E73 Firmware Version < fckt98a

Lenovo ≫ Thinkcentre E73 Version-

Lenovo ≫ Thinkcentre E73s Firmware Version < fckt98a

Lenovo ≫ Thinkcentre E73s Version-

Lenovo ≫ Thinkcentre E93 Firmware Version < fbktdea

Lenovo ≫ Thinkcentre E93 Version-

Lenovo ≫ Thinkcentre M4500k Firmware Version < fckt98a

Lenovo ≫ Thinkcentre M4500k Version-

Lenovo ≫ Thinkcentre M4500q Firmware Version < fhkt85a

Lenovo ≫ Thinkcentre M4500q Version-

Lenovo ≫ Thinkcentre M4500t Firmware Version < fckt98a

Lenovo ≫ Thinkcentre M4500t Version-

Lenovo ≫ Thinkcentre M4500s Firmware Version < fckt98a

Lenovo ≫ Thinkcentre M4500s Version-

Lenovo ≫ Yangtian Afh81 Firmware Version < fckt98a

Lenovo ≫ Yangtian Afh81 Version-

Lenovo ≫ Yangtian Mc H81 Firmware Version < fckt98a

Lenovo ≫ Yangtian Mc H81 Version-

Lenovo ≫ Yangtian Mf H81 Pci Firmware Version < fckt98a

Lenovo ≫ Yangtian Mf H81 Pci Version-

Lenovo ≫ Yangtian Wf H81 Pci Firmware Version < fckt98a

Lenovo ≫ Yangtian Wf H81 Pci Version-

Lenovo ≫ Yangtian Tc H81 Pci Firmware Version < fckt98a

Lenovo ≫ Yangtian Tc H81 Pci Version-

Lenovo ≫ Yangtian Wcc H81 Pci Firmware Version < fckt98a

Lenovo ≫ Yangtian Wcc H81 Pci Version-

Lenovo ≫ Thinkcentre M9350z Firmware Version < fekta2a

Lenovo ≫ Thinkcentre M9350z Version-

Lenovo ≫ Thinkcentre M93z Firmware Version < fekta2a

Lenovo ≫ Thinkcentre M93z Version-

Lenovo ≫ Thinkstation C30 Firmware Version < a3kt70a

Lenovo ≫ Thinkstation C30 Version-

Lenovo ≫ Thinkstation D30 Firmware Version < a3kt70a

Lenovo ≫ Thinkstation D30 Version-

Lenovo ≫ Thinkstation E32 Firmware Version < fbktdea

Lenovo ≫ Thinkstation E32 Version-

Lenovo ≫ Thinkstation P300 Firmware Version < a2kt70a

Lenovo ≫ Thinkstation P300 Version-

Lenovo ≫ Thinkstation S30 Firmware Version < a2kt70a

Lenovo ≫ Thinkstation S30 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
psirt@lenovo.com	6.4	0.5	5.9	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

https://support.lenovo.com/us/en/product_security/LEN-30042

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8333

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8333

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8333

EUVD