Lenovo has published a security advisory and warned of three vulnerabilities (CVE-2021-3970, CVE-2021-3971, CVE-2021-3972) that affect its UEFI loaded on at least 100 laptop models of the company. Bugs made it possible to inject malware and execute arbitrary code. All three vulnerabilities were discovered by ESET researchers back in October last year, and patches have now been released to address these vulnerabilities.

More information on vulnerabilities and updates is available in Lenovo security advisory – lenovo.com.