A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an authenticated user to execute code as another user.
Published November 20, 2019.
Lenovo System Interface Foundation