Lenovo has released an update to fix several serious BIOS vulnerabilities

It affects hundreds of devices across Desktop, All in One, IdeaCentre, Legion, ThinkCentre, ThinkPad, ThinkAgile, ThinkStation and ThinkSystem models.

Exploiting these vulnerabilities can lead to information disclosure, privilege escalation, denial of service and, under certain circumstances, the execution of arbitrary code.