Quote:Lenovo has patched several high-severity vulnerabilities in its products that could enable escalation of privilege, information disclosure, or even denial of service.
 
Overall the device maker patched flaws tied to 16 high-severity CVEs on Thursday. Those include five related to Intel firmware vulnerabilities, as well as 11 flaws stemming from vulnerabilities in Intel Converged Security and Management Engine (CSME), Intel Server Platform Services, Intel Trusted Execution Engine and Intel Active Management Technology.
 
The patches come two days after Intel released its own security update, Tuesday, warning of 19 vulnerabilities across its popular graphics drivers for Windows 10, as well as a larger set of fixes across other Intel products, including its Matrix Storage Manager, Active Management Technology and Accelerated Storage Manager.

The CVEs tied to Intel firmware (CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204, CVE-2018-12205) impact Lenovo Desktops, IdeaPads, Storage, ThinkPad, ThinkServer, ThinkStations and ThinkSystems.