CVE-2020-8320

MEDIUM

Lenovo ThinkPad - Privilege Escalation via Internal Shell

Title source: llm
STIX 2.1

Description

An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.

References (1)

Scores

CVSS v3 6.4
EPSS 0.0005
EPSS Percentile 14.2%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-269 CWE-489
Status published
Products (50)
lenovo/thinkpad_11e_firmware < 2020-07-10
lenovo/thinkpad_11e_yoga_gen_6_firmware < 2020-07-10
lenovo/thinkpad_13_2nd_gen_firmware < 2020-07-10
lenovo/thinkpad_13_firmware < 2020-07-10
lenovo/thinkpad_a275_firmware < 2020-07-10
lenovo/thinkpad_a285_firmware < 2020-07-10
lenovo/thinkpad_a475_firmware < 2020-07-10
lenovo/thinkpad_a485_firmware < 2020-07-10
lenovo/thinkpad_e14_firmware < 2020-07-10
lenovo/thinkpad_e15_firmware < 2020-07-10
... and 40 more
Published Jun 09, 2020
Tracked Since Feb 18, 2026