7.7
CVE-2025-10495
- EPSS 0.03%
- Veröffentlicht 12.11.2025 19:18:44
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle psirt@lenovo.com
- CVE-Watchlists
- Unerledigt
A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLenovo
≫
Produkt
App Store
Default Statusunaffected
Version
0
Version <
9.0.2530.1027
Status
affected
HerstellerLenovo
≫
Produkt
PC Manager
Default Statusunaffected
Version
0
Version <
5.1.140.9262
Status
affected
HerstellerLenovo
≫
Produkt
Browser
Default Statusunaffected
Version
0
Version <
9.0.6.9111
Status
affected
HerstellerLenovo
≫
Produkt
Legion Zone
Default Statusunaffected
Version
0
Version <
2.0.21
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.084 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@lenovo.com | 7.7 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| psirt@lenovo.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.