Equipment manufacturer, Lenovo, has disclosed several vendor vulnerabilities in some of its products, which it said could lead to information disclosure,
The Nigerian Communications Commission’s Computer Security Incident Response Team , in its recent advisory, rated the probability of the vulnerability as high with an equally high damage potential. It, therefore, urged users of affected products to update their firmware.
Successful exploitation of the vulnerabilities could allow an authenticated local attacker to bypass security restrictions, gain elevated privileges and execute arbitrary code on the targeted system. According to NCC-CSIRT, the solution to addressing the vulnerabilities is for users to update their system firmware to the newer version indicated for their product model.