**Lenovo Security Advisory:**LEN-38625
**Potential Impact:**Privilege escalation
**Severity:**Medium
**Scope of Impact:**Lenovo-specific
**CVE Identifier:**CVE-2020-8332
Summary Description:
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.
Mitigation Strategy for Customers (what you should do to protect yourself):
Update system firmware to the version (or newer) indicated for your model in the Product Impact section.