PT-2020-20102 · Lenovo · Thinkpad T495+3

Published

2020-09-01

Updated

2020-09-10

CVE-2020-8335

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lenovo ThinkPad A285 versions up to r0xuj70w Lenovo ThinkPad A485 versions up to r0wuj65w Lenovo ThinkPad T495 versions up to r12uj55w Lenovo ThinkPad T495s/X395 versions up to r13uj47w

Description The BIOS tamper detection mechanism in certain Lenovo ThinkPad models was not triggered when the emergency-reset button is pressed, potentially allowing for unauthorized access.

Recommendations For Lenovo ThinkPad A285 versions up to r0xuj70w, update the BIOS to a version later than r0xuj70w. For Lenovo ThinkPad A485 versions up to r0wuj65w, update the BIOS to a version later than r0wuj65w. For Lenovo ThinkPad T495 versions up to r12uj55w, update the BIOS to a version later than r12uj55w. For Lenovo ThinkPad T495s/X395 versions up to r13uj47w, update the BIOS to a version later than r13uj47w.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-8335

Affected Products

Thinkpad A285

Thinkpad A485

Thinkpad T495

Thinkpad X395

PT-2020-20102 · Lenovo · Thinkpad T495+3

CVE-2020-8335

Related Identifiers

Affected Products

References · 3