CVE-2020-8335 Information

Description

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285 BIOS versions up to r0xuj70w; A485 BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395 BIOS versions up to r13uj47w while the emergency-reset button is pressed which may allow for unauthorized access.

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://support.lenovo.com/us/en/product_security/LEN-30042

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.8