← voltar
CVE-2025-14058

CVE-2025-14058

CVSS 2.4 LOWEPSS 0.1%CWE-306
A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the "Allow Control Center access when locked" option is disabled.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Produtos afetados
Lenovo · Idea Tab Pro TB373FULenovo · Idea Tab TB336FULenovo · Legion Tab TB320FCLenovo · Legion Tab TB321FULenovo · Lenovo Tab with Clear Case TB311FULenovo · Lenovo Tab with Folio Case TB311XULenovo · TAB7Lenovo · Tab Extreme TB570ZU TB570FULenovo · Tab K11 Gen 2 TB336ZULenovo · Tab K11 Plus LTE TB352FULenovo · Tab K11 Plus LTE TB352XULenovo · Tab K11 TB330FULenovo · Tab K11 TB330FUPLenovo · Tab K11 TB330XULenovo · Tab K11 TB330XUPLenovo · Tab K9 TB305FULenovo · Tab K9 TB305XULenovo · Tab M10 5G TB360ZULenovo · Tab M11 TB330FU TB330XULenovo · Tab M8 4th Gen 2024 TB301FULenovo · Tab M8 4th Gen 2024 TB301XULenovo · Tab M8 4th Gen TB300FULenovo · Tab M8 4th Gen TB300XULenovo · Tab M9 TB310FULenovo · Tab M9 TB310XULenovo · Tab P11 2nd Gen TB350FULenovo · Tab P11 2nd Gen TB350XULenovo · Tab P12 TB370FULenovo · Tab P12 TB372FULenovo · Tab Plus TB351FULenovo · Yoga Tab Plus TB520FU

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.lenovo.com/us/en/product_security/LEN-207951