A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Credits
Lenovo thanks Binarly efiXplorer team for reporting these issues.
