In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system’s embedded controller, which could cause a denial of service attack on the system or the ability to alter hardware functionality.
[
{
"product": "Active Protection System",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than 1.82.0.14"
}
]
}
]