Experts in the field of information security of ESET company have found a serious error in the drivers of 25 popular Lenovo laptop models running Windows 11 and Windows 10. As Neowin reports, the vulnerability allows the company’s devices to be easily hacked.

It is stated that the vulnerability allows hackers to disable the UEFI secure boot process and then launch viruses or other dangerous programs, as well as download special programs inside the laptop that provide permanent access to files without being noticed by the user.

According to the researchers, the breach allows hackers to remain in the system even after several reinstallations of the operating system. ESET has disclosed three dangerous vulnerabilities – CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432.

“The ability to change firmware parameters from the OS is a very rare phenomenon”, – noted one of the company’s researchers. Lenovo did not comment on the vulnerabilities, saying they only released updates to fix two of the three vulnerabilities. The company stated that the third vulnerability was only detected on a laptop that is no longer supported by the company.