CVE-2023-45075

A memory leakage vulnerability was reported in the SWSMI_Shadow DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

Credits

Lenovo thanks Souhardya Sardar of Cyberstanc for reporting this issue.

References