CVE-2025-4371
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-18

Last updated on: 2025-08-18

Assigner: Lenovo Group Ltd.

Description
A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-18
Last Modified
2025-08-18
Generated
2026-05-06
AI Q&A
2025-08-18
EPSS Evaluated
2026-05-05
NVD
CVE-2025-4371
EUVD
EUVD-2025-28005
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
lenovo performance_fhd_web_camera *
lenovo 510_fhd_web_camera *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects Lenovo 510 FHD and Performance FHD web cameras, allowing an attacker with physical access to the device to write arbitrary firmware updates via a USB connection. This means the attacker can potentially modify the camera's firmware to perform unauthorized actions.


How can this vulnerability impact me? :

If exploited, this vulnerability could allow an attacker to take control of the web camera by installing malicious firmware. This could lead to unauthorized surveillance, data interception, or other malicious activities compromising user privacy and security.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart