CVE-2020-8320

An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.

Published: Jun 9, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-8320
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
lenovo / thinkpad_11e_yoga_gen_6_firmware	-	2020-07-10
lenovo / thinkpad_11e_firmware	-	2020-07-10
lenovo / thinkpad_yoga_11e_3rd_gen_firmware	-	2020-07-10
lenovo / thinkpad_yoga_11e_4th_gen_firmware	-	2020-07-10
lenovo / thinkpad_yoga_11e_5th_gen_firmware	-	2020-07-10
lenovo / thinkpad_13_2nd_gen_firmware	-	2020-07-10
lenovo / thinkpad_13_firmware	-	2020-07-10
lenovo / thinkpad_a275_firmware	-	2020-07-10
lenovo / thinkpad_a285_firmware	-	2020-07-10
lenovo / thinkpad_a475_firmware	-	2020-07-10
lenovo / thinkpad_a485_firmware	-	2020-07-10
lenovo / thinkpad_e14_firmware	-	2020-07-10
lenovo / thinkpad_e15_firmware	-	2020-07-10
lenovo / thinkpad_r14_firmware	-	2020-07-10
lenovo / thinkpad_s3_gen_2_firmware	-	2020-07-10
lenovo / thinkpad_e455_firmware	-	2020-07-10
lenovo / thinkpad_e555_firmware	-	2020-07-10
lenovo / thinkpad_e460_firmware	-	2020-07-10
lenovo / thinkpad_e560_firmware	-	2020-07-10
lenovo / thinkpad_e465_firmware	-	2020-07-10
lenovo / thinkpad_e565_firmware	-	2020-07-10
lenovo / thinkpad_e470_firmware	-	2020-07-10
lenovo / thinkpad_e570_firmware	-	2020-07-10
lenovo / thinkpad_e475_firmware	-	2020-07-10
lenovo / thinkpad_e575_firmware	-	2020-07-10
lenovo / thinkpad_e480_firmware	-	2020-07-10
lenovo / thinkpad_e580_firmware	-	2020-07-10
lenovo / thinkpad_e485_firmware	-	2020-07-10
lenovo / thinkpad_e585_firmware	-	2020-07-10
lenovo / thinkpad_e490s_firmware	-	2020-07-10
lenovo / thinkpad_s3_firmware	-	2020-07-10
lenovo / thinkpad_e490_firmware	-	2020-07-10
lenovo / thinkpad_e590_firmware	-	2020-07-10
lenovo / thinkpad_r490_firmware	-	2020-07-10
lenovo / thinkpad_r590_firmware	-	2020-07-10
lenovo / thinkpad_l13_firmware	-	2020-07-10
lenovo / thinkpad_l1415_firmware	-	2020-07-10
lenovo / thinkpad_l380_firmware	-	2020-07-10
lenovo / thinkpad_s3_3rd_gen_firmware	-	2020-07-10
lenovo / thinkpad_l380_yoga_firmware	-	2020-07-10
lenovo / thinkpad_s2_yoga_3rd_gen_firmware	-	2020-07-10
lenovo / thinkpad_l390_yoga_firmware	-	2020-07-10
lenovo / thinkpad_s2_yoga_4th_gen_firmware	-	2020-07-10
lenovo / thinkpad_l460_firmware	-	2020-07-10
lenovo / thinkpad_l470_firmware	-	2020-07-10
lenovo / thinkpad_l480_firmware	-	2020-07-10
lenovo / thinkpad_l580_firmware	-	2020-07-10
lenovo / thinkpad_l490_firmware	-	2020-07-10
lenovo / thinkpad_l590_firmware	-	2020-07-10
lenovo / thinkpad_l560_firmware	-	2020-07-03
lenovo / thinkpad_l570_firmware	-	2020-07-10
lenovo / thinkpad_p1_firmware	-	n2eet46w
lenovo / thinkpad_p43s_firmware	-	n2iet87w
lenovo / thinkpad_p50_firmware	-	2020-07-17
lenovo / thinkpad_p50s_firmware	-	2020-07-24
lenovo / thinkpad_p51_firmware	-	2020-07-03
lenovo / thinkpad_p51s_firmware	-	2020-07-03
lenovo / thinkpad_p52_firmware	-	n2cet51w
lenovo / thinkpad_p52s_firmware	-	2020-07-03
lenovo / thinkpad_p53_firmware	-	n2net37w
lenovo / thinkpad_p53s_firmware	-	n2iet87w
lenovo / thinkpad_p70_firmware	-	2020-07-17
lenovo / thinkpad_p71_firmware	-	2020-07-17.x
lenovo / thinkpad_p72_firmware	-	n2cet51w
lenovo / thinkpad_p73_firmware	-	n2net37w
lenovo / thinkpad_s5_2nd_gen_firmware	-	2020-07-10
lenovo / thinkpad_s5_firmware	-	2020-07-10
lenovo / thinkpad_e560p_firmware	-	2020-07-10
lenovo / thinkpad_t25_firmware	-	n1qet87w
lenovo / thinkpad_t460_firmware	-	2020-07-10
lenovo / thinkpad_t460p_firmware	-	2020-07-10
lenovo / thinkpad_t460s_firmware	-	2020-06-19
lenovo / thinkpad_t470_firmware	-	n1qet87w
lenovo / thinkpad_t470p_firmware	-	2020-07-10
lenovo / thinkpad_t470s_firmware	-	n1wet58w
lenovo / thinkpad_t480_firmware	-	n24et56w
lenovo / thinkpad_t480s_firmware	-	n22et62w
lenovo / thinkpad_t490_firmware	-	n2iet87w
lenovo / thinkpad_t490s_firmware	-	n2jet87w
lenovo / thinkpad_t560_firmware	-	2020-07-24
lenovo / thinkpad_t570_firmware	-	2020-07-03
lenovo / thinkpad_t580_firmware	-	2020-07-03
lenovo / thinkpad_t590_firmware	-	n2iet87w
lenovo / thinkpad_x1_carbon_firmware	-	n1met60w
lenovo / thinkpad_x1_yoga_firmware	-	2020-07-17
lenovo / thinkpad_x1_extreme_firmware	-	n2oet43w
lenovo / thinkpad_x1_tablet_firmware	-	2020-07-24
lenovo / thinkpad_x260_firmware	-	2020-07-10
lenovo / thinkpad_x270_firmware	-	2020-07-10
lenovo / thinkpad_x280_firmware	-	n20et52w
lenovo / thinkpad_x380_yoga_firmware	-	2020-07-10
lenovo / thinkpad_x390_firmware	-	2020-07-07
lenovo / thinkpad_x390_yoga_firmware	-	2020-06-24
lenovo / thinkpad_x395_firmware	-	2020-07-10
lenovo / thinkpad_yoga_260_firmware	-	2020-07-07
lenovo / thinkpad_s1_firmware	-	2020-07-07
lenovo / thinkpad_yoga_370_firmware	-	2020-07-10
lenovo / thinkpad_s1_3rd_firmware	-	2020-07-10
lenovo / thinkpad_t495_firmware	-	2020-07-10
lenovo / thinkpad_t495s_firmware	-	2020-07-10

https://support.lenovo.com/us/en/product_security/LEN-30042

Vulnerability Database

CVE-2020-8320

Deep Security Visibility Without the Complexity