CVE-2025-4371

CVSS 7 HIGHEPSS 0.2%CWE-347

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Lenovo · 510 FHD Webcam Lenovo · Performance FHD Webcam

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.lenovo.com/us/en/product_security/LEN-194466