A memory leakage vulnerability was reported in the SWSMI_Shadow DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.CreditsLenovo thanks Souhardya Sardar of Cyberstanc for reporting this issue.Referenceshttps://support.lenovo.com/us/en/product_security/LEN-141775