Lenovo Security Advisory: LEN-23848
Potential Impact: Information disclosure
Severity: High
Scope of Impact: Industry wide
CVE Identifier: CVE-2017-5704
Summary Description: Platform sample firmware supplied by Intel for multiple processor familes, and incorporated by Lenovo into multiple products, has been found to potentially expose password information in memory to a local attacker with administrative privileges.
Mitigation Strategy for Customers (what you should do to protect yourself): Update to the firmware level (or later) described for your system in the product impact section.
Product Impact: