CVE-2020-8334

EPSS 0.06%
Published 09.06.2020 20:15:22
Last modified 21.11.2024 05:38:43
Source psirt@lenovo.com
Teams watchlist Login
Open Login

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access.

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Lenovo ≫ Thinkpad T495s Firmware Version-

Lenovo ≫ Thinkpad T495s Version-

Lenovo ≫ Thinkpad X395 Firmware Version-

Lenovo ≫ Thinkpad X395 Version-

Lenovo ≫ Thinkpad T495 Firmware Version-

Lenovo ≫ Thinkpad T495 Version-

Lenovo ≫ Thinkpad A485 Firmware Version-

Lenovo ≫ Thinkpad A485 Version-

Lenovo ≫ Thinkpad A285 Firmware Version-

Lenovo ≫ Thinkpad A285 Version-

Lenovo ≫ Thinkpad A475 Firmware Version-

Lenovo ≫ Thinkpad A475 Version-

Lenovo ≫ Thinkpad A275 Firmware Version-

Lenovo ≫ Thinkpad A275 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.164

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
psirt@lenovo.com	6.1	0.9	5.2	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://support.lenovo.com/us/en/product_security/LEN-30042

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-8334

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-8334

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-8334

EUVD