CVE-2025-12047
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-12
Assigner: Lenovo Group Ltd.
Description
Description
A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lenovo | scanner_pro | 4.0 |
| lenovo | scanner_pro | 3.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Lenovo Scanner pro application could allow an attacker on the same logical network to access and disclose sensitive user files from the application under certain conditions.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could gain unauthorized access to sensitive files stored or processed by the Lenovo Scanner pro application, potentially leading to data leakage and privacy breaches.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70