Lenovo has released security updates to address a vulnerability affecting Enterprise Network Operating System (ENOS) firmware. An attacker could exploit this vulnerability to obtain sensitive information.
NCCIC/US-CERT encourages users and administrators to review Lenovo’s Security Advisory and the Canadian Cyber Incident Response Centre (CCIRC)’s Lenovo Security Advisory for more information and apply the necessary updates or mitigations.