CVE-2020-8354

Summary

A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
LenovoBIOSunspecified < variousaffected

Weaknesses

  • CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

ADP Enrichment

CVE Program Container

Additional References

References