Authentication Bypass Vulnerability in Lenovo ThinkPad Stack Wireless Router
CVE-2020-8350

8.8HIGH

Key Information:

Vendor: Lenovo
Status: Thinkpad Stack Wireless Router Firmware
Vendor: CVE Published:; 14 October 2020

Summary

An authentication bypass vulnerability in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 has been identified. This flaw could potentially allow unauthorized access, leading to escalation of privileges within the affected system. Users of the router should be aware of this security risk and seek to apply any available updates to mitigate potential threats associated with this vulnerability.

Affected Version(s)

ThinkPad Stack WIreless Router firmware <= 1.1.3.4

References

https://support.lenovo.com/us/en/product_security/LEN-48228

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 14, 2020
Vulnerability Reserved
Jan 28, 2020

Credit

Lenovo thanks Balkrishna Tripathi for reporting this issue.