This issue seems to affect only 6th to 8th gen intel CPU's, if I read that first intel advisory correctly (assuming it is still the valid advisory for the current issue), so the problematic endpoints will all be several years old now. I could reach out myself, but I'm very much dreading having to deal with lvl1 Lenovo support for something like this, as I assume I will get the same run around you received. If I can find some time to open the support case, I will update this thread with our results.
Otherwise I did notice there is a new bios update for my T480s a few days ago that mentions several fixes for CVE's, but i have not had the time to browse through that list yet. I assume the fix for this vulnerable driver would be in an IME update from Lenovo though, and not a BIOS update.