CVE-2025-12047

Summary

A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to disclose sensitive user files from the application.

Affected Software

VendorProductVersion RangeStatus
LenovoScanner Pro0 < 1.2.7affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References