Lenovo Security Advisory: LEN-30525
Potential Impact: Privilege escalation, denial of service, information disclosure
Severity: High
Scope of Impact: Industry-wide
CVE Identifier: CVE-2019-14598
Summary Description:
Intel reported a potential security vulnerability in CSME subsystem may allow escalation of privilege, denial of service, and information disclosure.
Mitigation Strategy for Customers (what you should do to protect yourself):
Intel recommends updating to Intel® CSME versions 12.0.49, 13.0.21, and 14.0.11 or later. Intel recommends IOT customers using Intel® CSME version 12.0.55 to update to 12.0.56 or
later.