{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14058", "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "state": "PUBLISHED", "assignerShortName": "lenovo", "dateReserved": "2025-12-04T19:05:38.655Z", "datePublished": "2026-01-14T22:20:37.631Z", "dateUpdated": "2026-01-14T22:20:37.631Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Tab M11 TB330FU TB330XU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.284", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 TB330FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.284", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 TB330FUP", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.254", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 TB330XU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.084", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 TB330XUP", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.254", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Idea Tab Pro TB373FU", "vendor": "Lenovo", "versions": [{"lessThan": "ZUI_17.0.04.266_ST_251120", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K9 TB305FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.118", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K9 TB305XU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.098", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab Plus TB351FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.5.10.023", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M8 4th Gen 2024 TB301FU", "vendor": "Lenovo", "versions": [{"lessThan": "TB301FU_USR_S000126_250919_MP1V1111_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M8 4th Gen 2024 TB301XU", "vendor": "Lenovo", "versions": [{"lessThan": "TB301XU_USR_S000147_250919_MP1V1111_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab Extreme TB570ZU TB570FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.5.184", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M10 5G TB360ZU", "vendor": "Lenovo", "versions": [{"lessThan": "16.0.882", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M8 4th Gen TB300FU", "vendor": "Lenovo", "versions": [{"lessThan": "TB300XU_USR_S100149_250919_MP1V1111_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M8 4th Gen TB300XU", "vendor": "Lenovo", "versions": [{"lessThan": "TB300FU_USR_S100122_250919_MP1V1111_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M9 TB310FU", "vendor": "Lenovo", "versions": [{"lessThan": "TB310XU_USR_S000913_2510021921_mp1V969_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab M9 TB310XU", "vendor": "Lenovo", "versions": [{"lessThan": "TB310FU_USR_S000912_2510022135_mp1V969_ROW", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab P11 2nd Gen TB350XU", "vendor": "Lenovo", "versions": [{"lessThan": "TB350FU_USER_S231044_2601050946", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab P11 2nd Gen TB350FU", "vendor": "Lenovo", "versions": [{"lessThan": "TB350XU_USER_S231018_2601050930", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab P12 TB370FU", "vendor": "Lenovo", "versions": [{"status": "affected", "version": "TDB", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab P12 TB372FU", "vendor": "Lenovo", "versions": [{"status": "affected", "version": "TDB", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 Plus LTE TB352FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.250", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 Plus LTE TB352XU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.242", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Yoga Tab Plus TB520FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.5.10.036", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Tab K11 Gen 2 TB336ZU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.541", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TAB7", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.10.541", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Lenovo Tab with Clear Case TB311FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.30.303", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Lenovo Tab with Folio Case TB311XU", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.31.259", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Legion Tab TB321FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.5.10.031", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Legion Tab TB320FC", "vendor": "Lenovo", "versions": [{"lessThan": "17.0.339", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Idea Tab TB336FU", "vendor": "Lenovo", "versions": [{"lessThan": "17.5.10.041", "status": "affected", "version": "0", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m11_tb330fu_tb330xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.284", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_tb330fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.284", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_tb330fup:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.254", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_tb330xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.084", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_tb330xup:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.254", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:idea_tab_pro_tb373fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "zui_17.0.04.266_st_251120", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k9_tb305fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.118", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k9_tb305xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.098", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_plus_tb351fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.5.10.023", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m8_4th_gen_2024_tb301fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb301fu_usr_s000126_250919_mp1v1111_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m8_4th_gen_2024_tb301xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb301xu_usr_s000147_250919_mp1v1111_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_extreme_tb570zu_tb570fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.5.184", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m10_5g_tb360zu:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.0.882", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m8_4th_gen_tb300fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb300xu_usr_s100149_250919_mp1v1111_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m8_4th_gen_tb300xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb300fu_usr_s100122_250919_mp1v1111_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m9_tb310fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb310xu_usr_s000913_2510021921_mp1v969_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_m9_tb310xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb310fu_usr_s000912_2510022135_mp1v969_row", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_p11_2nd_gen_tb350xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb350fu_user_s231044_2601050946", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_p11_2nd_gen_tb350fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "tb350xu_user_s231018_2601050930", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_p12_tb370fu:tdb:*:*:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_p12_tb372fu:tdb:*:*:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_plus_lte_tb352fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.250", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_plus_lte_tb352xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.242", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:yoga_tab_plus_tb520fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.5.10.036", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab_k11_gen_2_tb336zu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.541", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:tab7:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.10.541", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:lenovo_tab_with_clear_case_tb311fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.30.303", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:lenovo_tab_with_folio_case_tb311xu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.31.259", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:legion_tab_tb321fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.5.10.031", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:legion_tab_tb320fc:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.0.339", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:idea_tab_tb336fu:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.5.10.041", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Lenovo thanks Pablo Vivanco of DeepSecurity for reporting this issue."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the \"Allow Control Center access when locked\" option is disabled. </span>"}], "value": "A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the \"Allow Control Center access when locked\" option is disabled."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "baseScore": 2.4, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b", "shortName": "lenovo", "dateUpdated": "2026-01-14T22:20:37.631Z"}, "references": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-207951"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to the version (or higher) as recommended in the advisory:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-207951\">https://support.lenovo.com/us/en/product_security/LEN-207951</a></span><br>"}], "value": "Update to the version (or higher) as recommended in the advisory:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-207951"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.3.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A potential missing authentication vulnerability was reported in some Lenovo Tablets that could allow an unauthorized user with physical access to modify Control Center settings if the device is locked when the \"Allow Control Center access when locked\" option is disabled."}], "id": "CVE-2025-14058", "lastModified": "2026-01-14T23:15:55.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 2.5, "source": "psirt@lenovo.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@lenovo.com", "type": "Secondary"}]}, "published": "2026-01-14T23:15:55.970", "references": [{"source": "psirt@lenovo.com", "url": "https://support.lenovo.com/us/en/product_security/LEN-207951"}], "sourceIdentifier": "psirt@lenovo.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "psirt@lenovo.com", "type": "Secondary"}]}

{}