[BRLY-2021-002] Lenovo system firmware has missing coverage with Boot Guard protected ranges (IBB) for UEFI modules
Binarly REsearch Team identified several Lenovo devices do not properly protect UEFI system firmware modules with Intel Boot Guard technolody (missing protection coverage Boot Guard IBB hash), which allows an attacker with write access to the SPI flash storage (such as with physical access or leveraging a BIOS write protection bypass vulnerability) to install a persistent backdoor/implant.