CVE-2020-8352

Published: Nov 11, 2020Modified: Nov 21, 2024

2.4

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 0.9 / Impact: 1.4

Source: NVD

Description

In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes.

Affected (16)

Products: Lenovo: Thinkcentre E73 Firmware, Thinkcentre M73 Firmware, Qitian 4500 Firmware, Qitian B4550 Firmware, Qitian M4550 Firmware, Thinkcentre M4500k Firmware, Thinkcentre M4500t Firmware, Thinkcentre M4500s Firmware, Yangtian Afh81 Firmware, Yangtian Mc H81 Firmware, Yangtian Mf Firmware, Yangtian Wf H81 Pci Firmware, Yangtian Ms Firmware, Yangtian Ws H81 Firmware, Yangtian Tc Firmware, Yangtian Wcc H81 Pci Firmware

Lenovo

16 products

Thinkcentre E73 Firmware

Thinkcentre M73 Firmware

Qitian 4500 Firmware

Qitian B4550 Firmware

Qitian M4550 Firmware

Thinkcentre M4500k Firmware

Thinkcentre M4500t Firmware

Thinkcentre M4500s Firmware

Yangtian Afh81 Firmware

Yangtian Mc H81 Firmware

Yangtian Mf Firmware

Yangtian Wf H81 Pci Firmware

Yangtian Ms Firmware

Yangtian Ws H81 Firmware

Yangtian Tc Firmware

Yangtian Wcc H81 Pci Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkcentre E73 Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkcentre E73	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkcentre M73 Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkcentre M73	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Qitian 4500 Firmware	All versions

Running on/with	Platform Versions
Lenovo Qitian 4500	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Qitian B4550 Firmware	All versions

Running on/with	Platform Versions
Lenovo Qitian B4550	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Qitian M4550 Firmware	All versions

Running on/with	Platform Versions
Lenovo Qitian M4550	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkcentre M4500k Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkcentre M4500k	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkcentre M4500t Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkcentre M4500t	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Thinkcentre M4500s Firmware	All versions

Running on/with	Platform Versions
Lenovo Thinkcentre M4500s	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Afh81 Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Afh81	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Mc H81 Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Mc H81	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Mf Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Mf	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Wf H81 Pci Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Wf H81 Pci	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Ms Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Ms	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Ws H81 Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Ws H81	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Tc Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Tc	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lenovo Yangtian Wcc H81 Pci Firmware	All versions

Running on/with	Platform Versions
Lenovo Yangtian Wcc H81 Pci	All versions

Related CWEs

CWE-358

Improperly Implemented Security Check for Standard

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

References (2)

https://support.lenovo.com/us/en/product_security/LEN-49266

Source: psirt@lenovo.com

Vendor Advisory

https://support.lenovo.com/us/en/product_security/LEN-49266

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.