Lenovo has disclosed multiple BIOS security vulnerabilities, impacting multiple vendors, with potential impacts including information disclosure and arbitrary code execution. The vulnerabilities were classified as high severity and deemed "industry-wide." #cybersecurity #vulnerabilities
Specific vulnerabilities included memory leak vulnerabilities in AMD DXE driver, allowing a highly privileged user to retrieve sensitive information. #AMD #vulnerabilities
Other vulnerabilities allowed local threat actors to elevate privileges, modify BIOS firmware, and execute arbitrary code. Desktop, Smart Edge, ThinkStation, and Lenovo Notebook products were affected. #privilegeescalation #arbitrarycodeexecution
To mitigate these vulnerabilities, Lenovo advises users to upgrade their system firmware to the most recent version. #securityupgrade #systemfirmware
Affected products include Desktops, Notebooks, Hyperscale, Smart Edge, Smart Office, Storage, ThinkAgile, ThinkEdge, ThinkPad, ThinkServer, ThinkStation, and ThinkSystem. #LenovoProducts #vulnerabilities