An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Lenovo | Synaptics Smart Audio UWP App | affected |
|
Configuration 1 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Lenovo
Subscribe
|
5-15ikb
Subscribe
Air-14 2019
Subscribe
C340-14iwl
Subscribe
Flex-14iwl
Subscribe
S540-14iwl
Subscribe
S540-14iwl Touch
Subscribe
Thinkpad 11e
Subscribe
Thinkpad 13
Subscribe
Thinkpad A275
Subscribe
Thinkpad A285
Subscribe
Thinkpad A475
Subscribe
Thinkpad A485
Subscribe
Thinkpad E450
Subscribe
Thinkpad E450c
Subscribe
Thinkpad E455
Subscribe
Thinkpad E460
Subscribe
Thinkpad E465
Subscribe
Thinkpad E470
Subscribe
Thinkpad E475
Subscribe
Thinkpad E480
Subscribe
Thinkpad E485
Subscribe
Thinkpad E490
Subscribe
Thinkpad E490s
Subscribe
Thinkpad E540
Subscribe
Thinkpad E545
Subscribe
Thinkpad E550
Subscribe
Thinkpad E550c
Subscribe
Thinkpad E555
Subscribe
Thinkpad E560
Subscribe
Thinkpad E565
Subscribe
Thinkpad E570
Subscribe
Thinkpad E575
Subscribe
Thinkpad E580
Subscribe
Thinkpad E585
Subscribe
Thinkpad E590
Subscribe
Thinkpad Edge E440
Subscribe
Thinkpad Edge E445
Subscribe
Thinkpad L380
Subscribe
Thinkpad L380 Yoga
Subscribe
Thinkpad L390 Yoga
Subscribe
Thinkpad L440
Subscribe
Thinkpad L450
Subscribe
Thinkpad L460
Subscribe
Thinkpad L470
Subscribe
Thinkpad L480
Subscribe
Thinkpad L540
Subscribe
Thinkpad L580
Subscribe
Thinkpad P1
Subscribe
Thinkpad P40
Subscribe
Thinkpad P53
Subscribe
Thinkpad P73
Subscribe
Thinkpad R490
Subscribe
Thinkpad R590
Subscribe
Thinkpad S1 3rd
Subscribe
Thinkpad S1 Yoga 12
Subscribe
Thinkpad S2 Yoga 3rd Gen
Subscribe
Thinkpad S2 Yoga 4th Gen
Subscribe
Thinkpad S3
Subscribe
Thinkpad S3-s440
Subscribe
Thinkpad S3 3rd Gen
Subscribe
Thinkpad S3 Yoga 14
Subscribe
Thinkpad S5
Subscribe
Thinkpad T450
Subscribe
Thinkpad T450s
Subscribe
Thinkpad T460
Subscribe
Thinkpad T460p
Subscribe
Thinkpad T470p
Subscribe
Thinkpad X1 Extreme
Subscribe
Thinkpad X260
Subscribe
Thinkpad X270
Subscribe
Thinkpad X380 Yoga
Subscribe
Thinkpad Yoga 11e
Subscribe
Thinkpad Yoga 11e 3rd Gen
Subscribe
Thinkpad Yoga 11e 4th Gen
Subscribe
Thinkpad Yoga 11e 5th Gen
Subscribe
Thinkpad Yoga 14 460 S3
Subscribe
Thinkpad Yoga 370
Subscribe
V130-15igm
Subscribe
V130-15ikb
Subscribe
V310-15igm
Subscribe
V330-15igm
Subscribe
Yoga 14
Subscribe
|
|
Synaptics
Subscribe
|
Smart Audio Uwp
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-29204 | An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code. |
Fixes
Solution
Update to version 1.0.83.0 (or later) of the Smart Audio app, which installs with the corresponding audio driver version.
Workaround
No workaround given by the vendor.
References
History
No history.
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: lenovo
Published:
Updated: 2024-09-16T18:38:25.028Z
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8337
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-06-09T20:15:22.773
Modified: 2024-11-21T05:38:44.220
Link: CVE-2020-8337
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses