CVE-2020-8334

EPSS 0.06%
Veröffentlicht 09.06.2020 20:15:22
Zuletzt bearbeitet 21.11.2024 05:38:43
Quelle psirt@lenovo.com
Teams Watchlist Login
Unerledigt Login

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lenovo ≫ Thinkpad T495s Firmware Version-

Lenovo ≫ Thinkpad T495s Version-

Lenovo ≫ Thinkpad X395 Firmware Version-

Lenovo ≫ Thinkpad X395 Version-

Lenovo ≫ Thinkpad T495 Firmware Version-

Lenovo ≫ Thinkpad T495 Version-

Lenovo ≫ Thinkpad A485 Firmware Version-

Lenovo ≫ Thinkpad A485 Version-

Lenovo ≫ Thinkpad A285 Firmware Version-

Lenovo ≫ Thinkpad A285 Version-

Lenovo ≫ Thinkpad A475 Firmware Version-

Lenovo ≫ Thinkpad A475 Version-

Lenovo ≫ Thinkpad A275 Firmware Version-

Lenovo ≫ Thinkpad A275 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.164

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
psirt@lenovo.com	6.1	0.9	5.2	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://support.lenovo.com/us/en/product_security/LEN-30042

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8334

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8334

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8334

EUVD