Vulnerabilities > Lenovo > E52 80 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-8323 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. | 6.7 |
| 2020-06-09 | CVE-2020-8322 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. | 6.7 |
| 2019-11-12 | CVE-2019-6172 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution. | 6.4 |
| 2019-11-12 | CVE-2019-6170 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the Legacy USB driver using boot services structure in runtime phase in some Lenovo ThinkPad models may allow arbitrary code execution. | 6.4 |
| 2018-10-02 | CVE-2018-9069 | Race Condition vulnerability in multiple products In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS. | 5.9 |
| 2018-07-19 | CVE-2018-9062 | Injection vulnerability in Lenovo products In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code. | 6.8 |