Lenovo Security Advisory: LEN-20184
**Potential Impact:**Privilege escalation
Severity: High
Scope of Impact: Lenovo-specific
**CVE Identifier:**CVE-2018-9069
Summary Description:
In several consumer notebook models, a race condition in BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS.
Mitigation Strategy for Customers (what you should do to protect yourself):
Update BIOS to the version (or newer) described for your model in the product impact section below.
Product Impact: