CVE-2020-8335

MEDIUM

Lenovo ThinkPad A285 <r0xuj70w - Privilege Escalation

Title source: llm

Description

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS versions up to r13uj47w, while the emergency-reset button is pressed which may allow for unauthorized access.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.lenovo.com/us/en/product_security/LEN-30042

Scores

CVSS v3 6.1

EPSS 0.0007

EPSS Percentile 21.9%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

Status published

Products (8)

lenovo/thinkpad_a275_firmware < 2020-08-30

lenovo/thinkpad_a285_firmware < 2020-08-30

lenovo/thinkpad_a475_firmware < 2020-08-30

lenovo/thinkpad_a485_firmware < 2020-08-30

lenovo/thinkpad_t495_drift_firmware < 2020-08-30

lenovo/thinkpad_t495s_jazz_firmware < 2020-08-30

lenovo/thinkpad_x1_carbon_\(20bx\)_firmware < n14et54w

lenovo/thinkpad_x395_firmware < 2020-08-30

Published Sep 01, 2020

Tracked Since Feb 18, 2026