CVE-2025-11193
6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Lenovo | Tab M11 TB330FU TB330XU | 0 < TB330FU_ROW_OPEN_USER_V5_V_ZUI_17.0.274_ST_251011 | affected |
| Lenovo | Tab M11 TB330FU TB330XU | 0 < TB330XU_ROW_OPEN_USER_V5_V_ZUI_17.0.235_ST_251011 | affected |
| Lenovo | Tab K11 TB330FU TB330FUP TB330XU TB330XUP | 0 < TB330FU_ROW_OPEN_USER_V5_V_ZUI_17.0.274_ST_251011 | affected |
| Lenovo | Tab K11 TB330FU TB330FUP TB330XU TB330XUP | 0 < TB330XU_ROW_OPEN_USER_V5_V_ZUI_17.0.235_ST_251011 | affected |
| Lenovo | Idea Tab Pro TB373FU | 0 < 17.0.04.184 | affected |
| Lenovo | Tab WiFi 5G | 0 < 17.0.10.457 | affected |
| Lenovo | Tab K9 TB305FU | 0 < 17.0.10.069 | affected |
| Lenovo | Tab K9 TB305XU | 0 < 17.0.10.065 | affected |
| Lenovo | Tab Plus TB520FU | 0 < 17.0.12.203 | affected |
| Lenovo | Tab M8 4th Gen 2024 TB301FU TB301XU | 0 < TB300FU_USR_S101112_250919_MP1V1111_ROW | affected |
| Lenovo | Tab M8 4th Gen 2024 TB301FU TB301XU | 0 < TB300XU_USR_S101103_250919_MP1V1111_ROW | affected |
| Lenovo | Tab Extreme TB570ZU TB570FU | 0 < 17.0.104 | affected |
| Lenovo | Tab M10 5G TB360ZU | 0 < 16.0.783 | affected |
| Lenovo | Tab M8 4th Gen TB300FU TB300XU | 0 < TB300FU_USR_S101112_250919_MP1V1111_ROW | affected |
| Lenovo | Tab M8 4th Gen TB300FU TB300XU | 0 < TB300XU_USR_S101103_250919_MP1V1111_ROW | affected |
| Lenovo | Tab M9 TB310FU TB310XU | 0 < TB310FU_USR_S000912_2510022135_mp1V969_ROW | affected |
| Lenovo | Tab M9 TB310FU TB310XU | 0 < TB310XU_USR_S000913_2510021921_mp1V969_ROW | affected |
| Lenovo | Tab P11 2nd Gen TB350XU TB350FU | 0 < TB350XU_USER_S230920_2508120308_MP_ROW | affected |
| Lenovo | Tab P11 2nd Gen TB350XU TB350FU | 0 < TB350FU_USER_S230917_2508090248_MP_ROW | affected |
| Lenovo | Tab P12 TB370FU TB372FU | 0 < TB370FU_ROW_OPEN_USER_V5_V_ZUI_17.0.187_ST_250817 | affected |
| Lenovo | Tab P12 TB370FU TB372FU | 0 < TB372FC_ROW_OPEN_USER_V5_V_ZUI_17.0.116_ST_250822 | affected |
| Lenovo | Tab WIFI | 0 < 17.0.30.303 | affected |
| Lenovo | Tab K11 Plus LTE TB352FU TB352XU | 0 < 17.0.10.213 | affected |
| Lenovo | Tab K11 Plus WIFI TB352FU | 0 < 17.0.10.213 | affected |
| Lenovo | Yoga Tab Plus TB520FU | 0 < 17.5.10.035 | affected |
| Lenovo | Tab One TB305FUXU | 0 < 17.0.10.107 | affected |
Weaknesses
- CWE-256: CWE-256: Plaintext Storage of a Password
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.