CVE-2020-8322

Published: Jun 9, 2020Modified: Nov 21, 2024

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.

Affected (51)

Products: Lenovo: 330 14ast Firmware, 330 15ast Firmware, 330 17ast Firmware, 340c 15api Firmware, 340c 15ast Firmware, 720s Touch 15ikb Firmware, 720s 15ikb Firmware, 730s 13iwl Firmware, C640 Iml Firmware, E42 80 Firmware, E52 80 Firmware, K22 80 Firmware, V720 12 Firmware, K32 80 Kbl Firmware, K32 80 Skl Firmware, Miix 720 12ikb Firmware, S145 14api Firmware, S145 14ast Firmware, S145 15api Firmware, S145 15ast Firmware, S540 13api Firmware, S750 Iil Firmware, S940 14iwl Firmware, Thinkbook 13s Iwl Firmware, Thinkbook 14s Iwl Firmware, V110 14ast Firmware, V110 14ikb Firmware, V110 15ast Firmware, V130 15igm Firmware, V130 15ikb Firmware, V310 15igm Firmware, V330 15igm Firmware, V330 15ikb Firmware, V330 15isk Firmware, V340 Iil Firmware, V340 Iml Firmware, V540s 13 Firmware, 14iwl Firmware, V730 13ikb Firmware, V730 13isk Firmware, V730 15ikb Firmware, Wei5 15ikb Firmware, Xiaoxin 14 Ast Qc 2019 Firmware, Xx 14api Qc 2019 Firmware, Yoga S730 13iwl Firmware, Yoga S940 14iwl Firmware, 6 Pro 13 Iwl Firmware, 6 Pro 14 Iwl Firmware, E53 80 Firmware, K3 Firmware, K4 Iwl Firmware

51 products

720s Touch 15ikb Firmware

Miix 720 12ikb Firmware

Thinkbook 13s Iwl Firmware

Thinkbook 14s Iwl Firmware

Xiaoxin 14 Ast Qc 2019 Firmware

Xx 14api Qc 2019 Firmware

Yoga S730 13iwl Firmware

Yoga S940 14iwl Firmware

6 Pro 13 Iwl Firmware

6 Pro 14 Iwl Firmware

E53 80 Firmware

K3 Firmware

K4 Iwl Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 330 14ast Firmware	All versions

Running on/with	Platform Versions
Lenovo 330 14ast	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 330 15ast Firmware	All versions

Running on/with	Platform Versions
Lenovo 330 15ast	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 330 17ast Firmware	All versions

Running on/with	Platform Versions
Lenovo 330 17ast	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 340c 15api Firmware	All versions

Running on/with	Platform Versions
Lenovo 340c 15api	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 340c 15ast Firmware	All versions

Running on/with	Platform Versions
Lenovo 340c 15ast	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 720s Touch 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo 720s Touch 15ikb	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 720s 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo 720s 15ikb	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 730s 13iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo 730s 13iwl	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo C640 Iml Firmware	All versions

Running on/with	Platform Versions
Lenovo C640 Iml	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo E42 80 Firmware	All versions

Running on/with	Platform Versions
Lenovo E42 80	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo E52 80 Firmware	All versions

Running on/with	Platform Versions
Lenovo E52 80	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo K22 80 Firmware	All versions

Running on/with	Platform Versions
Lenovo K22 80	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V720 12 Firmware	All versions

Running on/with	Platform Versions
Lenovo V720 12	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo K32 80 Kbl Firmware	All versions

Running on/with	Platform Versions
Lenovo K32 80 Kbl	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo K32 80 Skl Firmware	All versions

Running on/with	Platform Versions
Lenovo K32 80 Skl	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Miix 720 12ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo Miix 720 12ikb	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S145 14api Firmware	All versions

Running on/with	Platform Versions
Lenovo S145 14api	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S145 14ast Firmware	All versions

Running on/with	Platform Versions
Lenovo S145 14ast	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S145 15api Firmware	All versions

Running on/with	Platform Versions
Lenovo S145 15api	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S145 15ast Firmware	All versions

Running on/with	Platform Versions
Lenovo S145 15ast	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S540 13api Firmware	All versions

Running on/with	Platform Versions
Lenovo S540 13api	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S750 Iil Firmware	All versions

Running on/with	Platform Versions
Lenovo S750 Iil	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo S940 14iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo S940 14iwl	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkbook 13s Iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkbook 13s Iwl	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkbook 14s Iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkbook 14s Iwl	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V110 14ast Firmware	All versions

Running on/with	Platform Versions
Lenovo V110 14ast	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V110 14ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo V110 14ikb	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V110 15ast Firmware	All versions

Running on/with	Platform Versions
Lenovo V110 15ast	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V130 15igm Firmware	All versions

Running on/with	Platform Versions
Lenovo V130 15igm	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V130 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo V130 15ikb	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V310 15igm Firmware	All versions

Running on/with	Platform Versions
Lenovo V310 15igm	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V330 15igm Firmware	All versions

Running on/with	Platform Versions
Lenovo V330 15igm	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V330 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo V330 15ikb	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V330 15isk Firmware	All versions

Running on/with	Platform Versions
Lenovo V330 15isk	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V340 Iil Firmware	All versions

Running on/with	Platform Versions
Lenovo V340 Iil	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V340 Iml Firmware	All versions

Running on/with	Platform Versions
Lenovo V340 Iml	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V540s 13 Firmware	All versions

Running on/with	Platform Versions
Lenovo V540s 13	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 14iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo 14iwl	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V730 13ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo V730 13ikb	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V730 13isk Firmware	All versions

Running on/with	Platform Versions
Lenovo V730 13isk	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo V730 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo V730 15ikb	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Wei5 15ikb Firmware	All versions

Running on/with	Platform Versions
Lenovo Wei5 15ikb	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Xiaoxin 14 Ast Qc 2019 Firmware	All versions

Running on/with	Platform Versions
Lenovo Xiaoxin 14 Ast Qc 2019	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Xx 14api Qc 2019 Firmware	All versions

Running on/with	Platform Versions
Lenovo Xx 14api Qc 2019	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yoga S730 13iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo Yoga S730 13iwl	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yoga S940 14iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo Yoga S940 14iwl	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 6 Pro 13 Iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo 6 Pro 13 Iwl	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo 6 Pro 14 Iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo 6 Pro 14 Iwl	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo E53 80 Firmware	All versions

Running on/with	Platform Versions
Lenovo E53 80	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo K3 Firmware	All versions

Running on/with	Platform Versions
Lenovo K3	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo K4 Iwl Firmware	All versions

Running on/with	Platform Versions
Lenovo K4 Iwl	All versions

References (2)

https://support.lenovo.com/us/en/product_security/LEN-30042

Source: psirt@lenovo.com

Vendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-30042

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.