Lenovo Security Advisory: LEN-29406
Potential Impact: Information Disclosure
Scope of Impact: Industry-wide
CVE Identifier: CVE-2019-16863
ST Microelectronics has reported a vulnerability in the implementation of the Elliptic Digital Signature Algorithm (ECDSA) signature generation function that could result in exposing the private key.
Mitigation Strategy for Customers (what you should do to protect yourself):
ST Microelectronics recommends updating your firmware to the latest version (or newer) indicated for your model in the Product Impact section below.