Advisory Published
Updated

CVE-2020-8322

First published: Tue Jun 09 2020(Updated: )

A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo 330-14ast Firmware
Lenovo 330-14ast
Lenovo 330-15ast Firmware
Lenovo 330-15ast
Lenovo 330-17ast Firmware
Lenovo 330-17ast
Lenovo 340c-15api Firmware
Lenovo 340c-15api
Lenovo 340c-15ast Firmware
Lenovo 340c-15ast
Lenovo 720s Touch-15ikb Firmware
Lenovo 720s Touch-15ikb
Lenovo 720s-15ikb Firmware
Lenovo 720s-15ikb
Lenovo 730s-13iwl Firmware
Lenovo 730s-13iwl
Lenovo C640-iml Firmware
Lenovo C640-iml
Lenovo E42-80 Firmware
Lenovo E42-80
Lenovo E52-80 Firmware
Lenovo E52-80
Lenovo K22-80 Firmware
Lenovo K22-80
Lenovo V720-12 Firmware
Lenovo V720-12
Lenovo K32-80 Kbl Firmware
Lenovo K32-80 Kbl
Lenovo K32-80 Skl Firmware
Lenovo K32-80 Skl
Lenovo Miix 720-12ikb Firmware
Lenovo Miix 720-12ikb
Lenovo S145-14api Firmware
Lenovo S145-14api
Lenovo S145-14ast Firmware
Lenovo S145-14ast
Lenovo S145-15api Firmware
Lenovo S145-15api
Lenovo S145-15ast Firmware
Lenovo S145-15ast
Lenovo S540-13api Firmware
Lenovo S540-13api
Lenovo S750-iil Firmware
Lenovo S750-iil
Lenovo S940-14iwl Firmware
Lenovo S940-14iwl
Lenovo Thinkbook 13s-iwl Firmware
Lenovo Thinkbook 13s-iwl
Lenovo Thinkbook 14s-iwl Firmware
Lenovo Thinkbook 14s-iwl
Lenovo V110-14ast Firmware
Lenovo V110-14ast
Lenovo V110-14ikb Firmware
Lenovo V110-14ikb
Lenovo V110-15ast Firmware
Lenovo V110-15ast
Lenovo V130-15igm Firmware
Lenovo V130-15igm
Lenovo V130-15ikb Firmware
Lenovo V130-15ikb
Lenovo V310-15igm Firmware
Lenovo V310-15igm
Lenovo V330-15igm Firmware
Lenovo V330-15igm
Lenovo V330-15ikb Firmware
Lenovo V330-15ikb
Lenovo V330-15isk Firmware
Lenovo V330-15isk
Lenovo V340-iil Firmware
Lenovo V340-iil
Lenovo V340-iml Firmware
Lenovo V340-iml
Lenovo V540s-13 Firmware
Lenovo V540s-13
Lenovo 14iwl Firmware
Lenovo 14iwl
Lenovo V730-13ikb Firmware
Lenovo V730-13ikb
Lenovo V730-13isk Firmware
Lenovo V730-13isk
Lenovo V730-15ikb Firmware
Lenovo V730-15ikb
Lenovo Wei5-15ikb Firmware
Lenovo Wei5-15ikb
Lenovo Xiaoxin 14-ast Qc 2019 Firmware
Lenovo Xiaoxin 14-ast Qc 2019
Lenovo Xx-14api Qc 2019 Firmware
Lenovo Xx-14api Qc 2019
Lenovo Yoga S730-13iwl Firmware
Lenovo Yoga S730-13iwl
Lenovo Yoga S940-14iwl Firmware
Lenovo Yoga S940-14iwl
Lenovo 6 Pro-13-iwl Firmware
Lenovo 6 Pro-13-iwl
Lenovo 6 Pro-14-iwl Firmware
Lenovo 6 Pro-14-iwl
Lenovo E53-80 Firmware
Lenovo E53-80
Lenovo K3 Firmware
Lenovo K3
Lenovo K4-iwl Firmware
Lenovo K4-iwl

Remedy

Update system firmware to the version (or newer) indicated for your model in the Product Impact section of LEN-30042.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203