CVE-2026-0520
Received
Received - Intake
Information Disclosure in Lenovo FileZ Android App Logs
Publication date: 2026-03-11
Last updated on: 2026-03-11
Assigner: Lenovo Group Ltd.
Description
Description
A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lenovo | filez | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Lenovo FileZ Android application. Under certain conditions, a local authenticated user could potentially access some sensitive data that is stored in a log file within the application.
How can this vulnerability impact me? :
The impact of this vulnerability is that a local authenticated user might be able to retrieve sensitive information from the application's log files. This could lead to unauthorized disclosure of sensitive data, potentially compromising user privacy or security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70