CVE-2020-8353

{"id": "CVE-2020-8353", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@lenovo.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2020-11-11T18:15:11.767", "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-44725", "tags": ["Exploit", "Vendor Advisory"], "source": "psirt@lenovo.com"}, {"url": "https://support.lenovo.com/us/en/product_security/LEN-44725", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@lenovo.com", "description": [{"lang": "en", "value": "CWE-16"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Prior to August 10, 2020, some Lenovo Desktop and Workstation systems were shipped with the Embedded Host Based Configuration (EHBC) feature of Intel AMT enabled. This could allow an administrative user with local access to configure Intel AMT."}, {"lang": "es", "value": "Antes del 10 de agosto de 2020, algunos sistemas Lenovo Desktop y Workstation se enviaron con la funcionalidad Embedded Host Based Configuration (EHBC) de Intel AMT habilitada. Esto podr\u00eda permitir a un usuario administrativo acceso local para configurar Intel AMT"}], "lastModified": "2024-11-21T05:38:45.917", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m80t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C008DF2-92B2-486D-8A04-AA41DBFED5DC", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m80t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DEDED31-3B1C-4289-8056-82606B246978"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m80s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC09ADB4-9D16-4E98-A92B-AC00B05496B8", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m80s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9292E0CE-B3CC-44F6-8673-3FADFA37C3F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "473BD076-C7CC-4E4B-80B6-7B2347CB2B25", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B52C1612-1479-4A98-8EF7-DB7BF44D7396"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "773349AE-6F8C-46F8-A1C8-85869B30DDED", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "466521C7-6E6B-473D-B188-D5FCD83375DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m910z_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6042E2BC-555C-4540-B20F-09DFF782033C", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m910z:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1231901B-75B3-412A-88A4-D9971D8EE735"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m920s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10A93D10-88D9-49B8-9667-F038CCEFBB78", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m920s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86CEA502-29BC-4F04-AF51-53B8CE39D1DB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m920t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FBCC6FC-5E16-42D4-8DE9-FD1EB64A0014", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m920t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA136174-6A29-4DD8-BF2F-BEC629ED216B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m920q_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DB47EBD-A986-4114-86EE-6C6DCC9667ED", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m920q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "18964E52-51F6-4C64-A471-A09FB2E7A4C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkcentre_m920z_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9624FBAC-31E4-4AF4-94C3-7C133D00C918", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkcentre_m920z:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2E07299B-26F5-438D-A522-20FAFC970E47"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkstation_p330t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D0325A8-FC5F-4D3D-9170-35BACEE0D737", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkstation_p330t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9DA61D22-E51B-432D-89CD-AD4DEBB8401C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkstation_p330s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A357404B-65CE-44FC-B99B-BC98A2786B47", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkstation_p330s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "37E1FFC9-815C-4036-97B4-F0AEF3207C5D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkstation_p330_tiny_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9E5BADF-337B-4527-87F8-A6B23C393443", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkstation_p330_tiny:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4FCC5B38-D665-43E6-A4FB-0A9D464E1406"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkstation_p340t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1486FDAF-AAC7-4687-8CD0-AB45600B5321", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkstation_p340t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4DEA32C1-3B45-46F3-A7BD-EEC1890F9359"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:thinkstation_p340s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3287364-23DE-4455-B703-8749DBD4551A", "versionEndExcluding": "2020-08-10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lenovo:thinkstation_p340s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "40C61C8F-B6A6-41AF-9985-816A8F7A8594"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}