CVE-2025-10495
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-12
Assigner: Lenovo Group Ltd.
Description
Description
A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lenovo | app_store | * |
| lenovo | pc_manager | * |
| lenovo | legion_zone | * |
| lenovo | browser | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in several Lenovo client applications (PC Manager, App Store, Browser, and Legion Zone) and could allow an attacker on the same logical network to execute arbitrary code under certain conditions.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could execute arbitrary code on your system, potentially leading to unauthorized control, data theft, or disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70