A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.
Credits
Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability.