EIP-2026-117414

PRE-CVE

Lenovo ThinkPad - System Management Mode Arbitrary Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117414. PoCs published by Cr4sh.

AI-analyzed exploit summary: This is a technical writeup describing a 0day privilege escalation vulnerability in Lenovo ThinkPad's System Management Mode (SMM) via the SystemSmmRuntimeRt UEFI driver. The vulnerability allows arbitrary code execution in SMM, enabling attacks like disabling flash write protection and bypassing Secure Boot.

Description

Lenovo ThinkPad - System Management Mode Arbitrary Code Execution

Exploits (1)

exploitdb WRITEUP
by Cr4sh · text · local · windows
https://www.exploit-db.com/exploits/40040

Classification: Writeup 90%
Attack Type: LPE
Complexity: Complex
Reliability: Theoretical
Target: Lenovo ThinkPad firmware (SystemSmmRuntimeRt UEFI driver)
No auth needed
Prerequisites: Physical or local access to a vulnerable Lenovo ThinkPad system
devstral-2 · analyzed Feb 19, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026